EUVD-2025-43609

Malicious code in kurnia-lengko1-breki npm...

Microsoft Office 2016 Spoofing Vulnerability (KB5002635)

This host is missing an important security update according to Microsoft KB5002635 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Largest Patch Tuesday since July includes two exploited in the wild, three critical vulnerabilities

The largest Microsoft Patch Tuesday since July includes two vulnerabilities that have been exploited in the wild and three other critical issues across the company's range of hardware and software offerings. October's monthly security update from Microsoft includes fixes for 117 CVEs, the most in...

CVE-2024-43609

Microsoft Office Spoofing Vulnerability...

CVE-2024-43609

creationtimestamp| type| source ---|---|--- 2024-10-08 17:54:47+00:00| seen| https://www.thezdi.com/blog/2024/10/8/the-october-2024-security-update-review 2024-10-08 21:14:21+00:00| seen| https://t.me/cvedetector/7399...

CVE-2024-43609 Microsoft Office Spoofing Vulnerability

...

CVE-2024-43609 Microsoft Office Spoofing Vulnerability

...

CVE-2024-43609

CVE-2024-43609 is a Microsoft Office spoofing vulnerability affecting Office products (including Office 2016/2019/LTSC and Office 365/Copilot-related components) where an attacker can impersonate the user interface. The connected sources describe it as a spoofing vulnerability in Office component...

KLA73908 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Office c...

CVE-2023-43609

creationtimestamp| type| source ---|---|--- 2024-02-09 05:31:18+00:00| seen| https://t.me/ctinow/181806 2024-02-22 09:07:34+00:00| seen| https://t.me/ctinow/190543...

CVE-2023-43609 Emerson Rosemount GC370XA, GC700XA, GC1500XA Improper Authorization

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could obtain access to sensitive information or cause a denial-of-service condition...

CVE-2023-43609

CVE-2023-43609 affects Emerson Rosemount GC370XA, GC700XA, and GC1500XA. It is described as an Improvements in Authorization (CWE-285) where an unauthenticated user with network access could obtain access to sensitive information or cause a denial-of-service, per the ICS advisory and CVE listings...

Emerson Rosemount GC370XA, GC700XA, GC1500XA

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely Vendor : Emerson Equipment : Rosemount GC370XA, GC700XA, GC1500XA Vulnerabilities : Command Injection, Improper Authentication, Improper Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

CVE-2021-43609

An issue was discovered in Spiceworks Help Desk Server before 1.3.3. A Blind Boolean SQL injection vulnerability within the orderbyforticket function in app/models/reporting/databasequery.rb allows an authenticated attacker to execute arbitrary SQL commands via the sort parameter. This can be...

CVE-2021-43609

CVE-2021-43609 affects Spiceworks Help Desk Server prior to 1.3.3. A blind boolean SQL injection in the sort parameter via the order_by_for_ticket function (app/models/reporting/database_query.rb) allows an authenticated attacker to execute arbitrary SQL commands, enabling leakage of local files ...

CVE-2022-43609

creationtimestamp| type| source ---|---|--- 2023-03-29 22:28:44+00:00| seen| https://t.me/cibsecurity/61096...

CVE-2022-43609

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IronCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of STP files...

CVE-2022-43609

CVE-2022-43609 affects IronCAD. The vulnerability stems from parsing STP files where, when handling the VECTOR element, a pointer is not properly initialized before access, enabling remote code execution with user interaction (visiting a malicious page or opening a malicious file). Descriptions f...