threat
engine
.sh
Back
·
··:··
Home
/
Product
/
absolute secure access
Product
absolute secure access
43 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-40951
< 14.50
CVE-2026-40951 is a memory corruption vulnerability on Secure Access Windows clients prior to 14.50. Attackers with local control
5.5
MEDIUM
CVE-2026-40950
< 14.50
CVE-2026-40950 is a buffer overflow vulnerability in the Secure Access server prior to 14.50. Attackers with control of a modifie
6.5
MEDIUM
CVE-2026-40949
< 14.50
CVE-2026-40949 is a buffer overflow vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local contro
4.4
MEDIUM
CVE-2026-33452
< 14.50
CVE-2026-33452 is a buffer overflow vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local contro
5.5
MEDIUM
CVE-2026-33451
< 14.50
CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local
7.8
HIGH
CVE-2026-33450
< 14.50
CVE-2026-33450 is an out of bounds read vulnerability in the Secure Access MacOS client prior to 14.50. Attackers with control of
5.5
MEDIUM
CVE-2026-33449
< 14.50
CVE-2026-33449 is a buffer overflow in a message handling function of the Secure Access client prior to 14.50. Attackers with con
7.5
HIGH
CVE-2026-33448
< 14.50
CVE-2026-33448 is a format string vulnerability in the logging subsystem of Secure Access client for MacOS prior to 14.50. Attack
3.3
LOW
CVE-2026-33447
< 14.50
CVE-2026-33447 is a buffer overflow in a message parsing function of the Secure Access client prior to 14.50. Attackers with cont
9.8
CRITICAL
CVE-2026-33446
< 14.50
CVE-2026-33446 is a buffer overflow in the authentication sub-system of the Secure Access client prior to 14.50. Attackers with c
9.8
CRITICAL
CVE-2026-0519
>= 12.70 and < 14.20
In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted authentication token to logs under cert
3.4
LOW
CVE-2026-0518
< 14.20
CVE-2026-0518 is a cross-site scripting vulnerability in versions of Secure Access prior to 14.20. An attacker with administrativ
4.8
MEDIUM
CVE-2026-0517
< 14.20
CVE-2026-0517 is a denial-of-service vulnerability in versions of Secure Access Server prior to 14.20. An attacker can send a spe
7.5
HIGH
CVE-2025-59596
>= 12.00 and < 14.12
CVE-2025-59596 is a denial-of-service vulnerability in Secure Access Windows client versions 12.0 to 14.10 that is addressed in v
6.5
MEDIUM
CVE-2025-59595
< 14.12
CVE-2025-59595 is an internally discovered denial of service vulnerability in versions of Secure Access prior to 14.12. An attack
7.5
HIGH
CVE-2025-54089
< 14.10
CVE-2025-54089 is a cross-site scripting vulnerability in versions of secure access prior to 14.10. Attackers with administrative
3.4
LOW
CVE-2025-54088
< 14.10
CVE-2025-54088 is an open-redirect vulnerability in Secure Access prior to version 14.10. Attackers with access to the console can
6.1
MEDIUM
CVE-2025-54087
< 14.10
CVE-2025-54087 is a server-side request forgery vulnerability in Secure Access prior to version 14.10. Attackers with administrati
2.6
LOW
CVE-2025-54086
< 14.10
CVE-2025-54086 is an excess permissions vulnerability in the Warehouse component of Absolute Secure Access prior to version 14.10.
3.3
LOW
CVE-2025-54085
< 13.56
CVE-2025-54085 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with admin
3.8
LOW
CVE-2025-49084
< 13.56
CVE-2025-49084 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with admin
9.1
CRITICAL
CVE-2025-49083
>= 12.00 and < 13.56
CVE-2025-49083 is a vulnerability in the management console of Absolute Secure Access after version 12.00 and prior to version 13.
7.2
HIGH
CVE-2025-49082
< 13.56
CVE-2025-49082 is a vulnerability in the management console of Absolute Secure Access prior to version 13.56. Attackers with admin
2.7
LOW
CVE-2025-49081
< 13.55
There is an insufficient input validation vulnerability in the warehouse component of Absolute Secure Access prior to server versi
4.9
MEDIUM
CVE-2025-49080
>= 9.0 and <= 13.54
There is a memory management vulnerability in Absolute Secure Access server versions 9.0 to 13.54. Attackers with network access t
7.5
HIGH
CVE-2025-27706
< 13.54
CVE-2025-27706 is a cross-site scripting vulnerability in the management console of Absolute Secure Access prior to version 13.54
3.4
LOW
CVE-2025-27703
< 13.54
CVE-2025-27703 is a privilege escalation vulnerability in the management console of Absolute Secure Access prior to version 13.54
6.0
MEDIUM
CVE-2025-27702
< 13.54
CVE-2025-27702 is a vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with admi
4.9
MEDIUM
CVE-2024-40873
< 13.07
There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to versi
4.5
MEDIUM
CVE-2024-37352
< 13.06
There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06 that allows at
4.5
MEDIUM
CVE-2024-37351
< 13.06
There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06. Attackers wit
4.5
MEDIUM
CVE-2024-37350
< 13.06
There is a cross-site scripting vulnerability in the policy management UI of Absolute Secure Access prior to version 13.06. Attack
6.5
MEDIUM
CVE-2024-37349
< 13.06
There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06. Attackers wit
4.5
MEDIUM
CVE-2024-37348
< 13.06
There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06. Attackers wit
4.5
MEDIUM
CVE-2024-37347
< 13.06
There is a cross-site scripting vulnerability in the pool configuration component of the management UI of Absolute Secure Access p
4.5
MEDIUM
CVE-2024-37346
< 13.06
There is an insufficient input validation vulnerability in the Warehouse component of Absolute Secure Access prior to 13.06. Attac
4.9
MEDIUM
CVE-2024-37345
< 13.06
There is a cross-site scripting vulnerability in the Secure Access administrative UI of Absolute Secure Access prior to version 13
5.3
MEDIUM
CVE-2024-37344
< 13.06
There is a cross-site scripting vulnerability in the Policy management UI of Absolute Secure Access prior to version 13.06. Attack
4.5
MEDIUM
CVE-2024-37343
< 13.06
There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to versi
4.8
MEDIUM
CVE-2021-36750
all versions
ENC DataVault before 7.2 and VaultAPI v67 mishandle key derivation, making it easier for attackers to determine the passwords of a
8.1
HIGH
CVE-2017-16560
all versions
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in
4.3
MEDIUM
CVE-2010-2289
all versions
Open redirect vulnerability in dana/home/homepage.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951) allows r
CVE-2010-2288
all versions
Cross-site scripting (XSS) vulnerability in dana/nc/ncrun.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951)
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin