19 matches found

The Hacker News
added 2023/10/13 2:31 p.m., 60 views

New PEAPOD Cyberattack Campaign Targeting Women Political Leaders

European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that delivers an updated version of RomCom RAT called PEAPOD. Cybersecurity firm Trend Micro attributed the attacks to a threat actor it tracks under the nam...

CVSS 7.5 | AI score 8.2 | EPSS 0.99083
Exploits: 3

GithubExploit
added 2023/09/28 11:53 a.m., 704 views

Exploit for Race Condition in Microsoft

CVE-2023-36884: MS Office HTML RCE with crafted documents On...

CVSS 7.5 | AI score 8.3 | EPSS 0.99083
Exploits: 3

Trellix
added 2023/08/24 12:0 a.m., 60 views

The Tale of Two Exploits - Breaking Down CVE-2023-36884 and the Infection Chain

The Tale of Two Exploits - Breaking Down CVE-2023-36884 and the Infection Chain By Trellix · August 24, 2023 This blog was written by Chintan Shah Executive Summary On July 11 2023, Microsoft released a patch fixing multiple actively exploited RCE vulnerabilities and disclosed a phishing campaign...

CVSS 7.5 | AI score 9.1 | EPSS 0.99083
Exploits: 3

OpenVAS
added 2023/08/10 12:0 a.m., 33 views

Microsoft Project 2016 Remote Code Execution Vulnerability (KB5002328)

This host is missing a critical security update according to Microsoft KB5002328 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 7.5 | AI score 8.1 | EPSS 0.99083
Exploits: 3 | References: 3

OpenVAS
added 2023/08/09 12:0 a.m., 19 views

Microsoft Visio 2016 Defense in Depth Security Update (KB5002418)

This host is missing an important security update according to Microsoft KB5002418. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

CVSS 7.5 | AI score 7.8 | EPSS 0.99083
Exploits: 3 | References: 4

OpenVAS
added 2023/08/09 12:0 a.m., 52 views

Microsoft Windows Multiple Vulnerabilities (KB5029244)

This host is missing an important security update according to Microsoft KB5029244 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVSS 9.8 | AI score 7.7 | EPSS 0.99083
Exploits: 5 | References: 3

OpenVAS
added 2023/08/09 12:0 a.m., 35 views

Microsoft Excel 2013 Service Pack 1 Defense in Depth Security Update (KB5002451)

This host is missing an important security update according to Microsoft KB5002451 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVSS 7.5 | AI score 7.8 | EPSS 0.99083
Exploits: 3 | References: 3

OpenVAS
added 2023/08/09 12:0 a.m., 30 views

Microsoft Excel 2016 Defense in Depth Security Update (KB5002463)

This host is missing an important security update according to Microsoft KB5002463 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVSS 7.5 | AI score 7.8 | EPSS 0.99083
Exploits: 3 | References: 3

hivepro
added 2023/07/14 6:45 a.m., 68 views

Storm-0978 actively exploited the unpatched Office zero-day

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Storm-0978 is a Russian cybercriminal group that specializes in executing sophisticated phishing campaigns. Storm-0978 was found to be engaged in a new wave of attacks, leveraging the exploitation of...

CVSS 6.8 | AI score 6.8 | EPSS 0.99083
Exploits: 3

Tenable Nessus
added 2023/07/13 12:0 a.m., 190 views

Office and Windows HTML Remote Code Execution Vulnerability (CVE-2023-36884) Mitigation

The remote system may be vulnerable to CVE-2023-36884 since it does not have the correct FEATUREBLOCKCROSSPROTOCOLFILENAVIGATION registry key mitigations applied as referenced in the vendor advisory. An unauthenticated, remote attacker could exploit this, by using specially-crafted Microsoft Offi...

AI score 8.9 | EPSS 0.99083
Exploits: 3 | References: 3

GithubExploit
added 2023/07/12 2:13 p.m., 13 views

Exploit for Race Condition in Microsoft

This is a PoC exploit for CVE-2023-36884, a vulnerability in Mic...

CVSS 7.5 | AI score 7 | EPSS 0.99083
Exploits: 3

Circl
added 2023/07/11 9:56 p.m., 20 views

CVE-2023-36884

creationtimestamp | type | source
---|---|---
2023-07-11 21:56:22+00:00 | seen | https://t.me/ctinow/123163
2023-07-12 04:00:00+00:00 | seen | https://www.govcert.gov.hk/en/alertsdetail.php?id=1062
2023-07-12 09:42:06+00:00 | seen | https://t.me/kasperskyb2b/746
2023-07-12 09:56:39+00:00 | exploited | ...

CVSS 7.5 | AI score 7.4 | EPSS 0.99083
Exploits: 3 | References: 52

Rapid7 Blog
added 2023/07/11 9:50 p.m., 133 views

Patch Tuesday - July 2023

Microsoft is addressing 130 vulnerabilities this July Patch Tuesday, including five zero-day vulnerabilities, and eight further critical remote code execution RCE vulnerabilities. Overall, it’s safe to say that this is a busier Patch Tuesday than the past couple of months. Note that the total cou...

CVSS 9.3 | AI score 9.2 | EPSS 0.99374
Exploits: 75

Cvelist
added 2023/07/11 6:14 p.m., 28 views

CVE-2023-36884 Windows Search Remote Code Execution Vulnerability

...

CVSS 7.5 | AI score 8 | EPSS 0.99083
Exploits: 3 | References: 1

Vulnrichment
added 2023/07/11 6:14 p.m., 17 views

CVE-2023-36884 Windows Search Remote Code Execution Vulnerability

...

CVSS 7.5 | AI score 7.8 | EPSS 0.99083
Exploits: 3 | References: 1

CVE
added 2023/07/11 6:14 p.m., 1375 views

CVE-2023-36884

CVE-2023-36884 is a Windows/Office RCE via Windows Search (.search-ms) triggered by specially crafted OOXML documents; active exploitation was noted (Storm-0978 campaign) and Microsoft released a patch/Defense in Depth mitigations in August 2023 to break the exploitation chain. Public PoCs/exploi...

CVSS 7.5 | AI score 9.1 | EPSS 0.99083
In wild | Exploits: 3 | References: 3 | Affected software: 12

Microsoft Secure
added 2023/07/11 5:30 p.m., 47 views

Storm-0978 attacks reveal financial and espionage motives

Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited before disclosu...

AI score 8 | EPSS 0.99083
Exploits: 3

Microsoft Malware Protection
added 2023/07/11 5:30 p.m., 58 views

Storm-0978 attacks reveal financial and espionage motives

Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited before disclosu...

CVSS 6.8 | AI score 8 | EPSS 0.99083
Exploits: 3

ATTACKERKB
added 2023/07/11 12:0 a.m., 69 views

CVE-2023-36884

Windows Search Remote Code Execution Vulnerability Recent assessments: cbeek-r7 at August 24, 2023 1:46pm UTC reported: CVE-2023-36884 is a fixed vulnerability that permitted remote code execution. Attackers could manipulate Microsoft Office files to bypass the Mark of the Web MoTW security...

CVSS 7.5 | AI score 8.7 | EPSS 0.99083
In wild | Exploits: 3 | References: 3