Lucene search
K

142536 matches found

BDU FSTEC
BDU FSTEC
added 11 hours ago16 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00425EPSS
Exploits0References2
Nuclei
Nuclei
added 18 hours ago1416 views

Microsoft FrontPage Extensions - Information Disclosure

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /vtibin/ virtual directory. id: CVE-2000-0114 info: name: Microsoft FrontPage Extensions - Information Disclosure author: r3naissance,matejsmycka severity...

5CVSS6.1AI score0.47595EPSS
Exploits1References3
Nuclei
Nuclei
added 18 hours ago249 views

Microsoft SharePoint - Authentication Bypass

Microsoft SharePoint Server Elevation of Privilege Vulnerability id: CVE-2023-29357 info: name: Microsoft SharePoint - Authentication Bypass author: pdteam severity: critical description: | Microsoft SharePoint Server Elevation of Privilege Vulnerability impact: | Unauthenticated attackers can...

9.8CVSS7.1AI score0.99649EPSS
Exploits10References5
Nuclei
Nuclei
added 18 hours ago4229 views

Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection

Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access OWA for Exchange Server 2003 SP2 aka build 6.5.7638 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter. id: CVE-2008-1547 info: name:...

4.3CVSS6.2AI score0.45927EPSS
Exploits2References5
Nuclei
Nuclei
added 18 hours ago79 views

Microsoft SharePoint - Remote Code Execution

Microsoft SharePoint is vulnerable to a remote code execution when the software fails to check the source markup of an application package. id: CVE-2020-16952 info: name: Microsoft SharePoint - Remote Code Execution author: dwisiswant0 severity: high description: Microsoft SharePoint is vulnerabl...

8.6CVSS7.4AI score0.70894EPSS
Exploits5References5
Nuclei
Nuclei
added 18 hours ago82 views

Pallets Werkzeug <0.15.5 - Local File Inclusion

Pallets Werkzeug before 0.15.5 is susceptible to local file inclusion because SharedDataMiddleware mishandles drive names such as C: in Windows pathnames. id: CVE-2019-14322 info: name: Pallets Werkzeug 0.15.5 - Local File Inclusion author: madrobot severity: high description: | Pallets Werkzeug...

7.5CVSS7AI score0.55526EPSS
Exploits7References5
Nuclei
Nuclei
added 18 hours ago85 views

Microsoft SQL Server Reporting Services - Remote Code Execution

Microsoft SQL Server Reporting Services is vulnerable to a remote code execution vulnerability because it incorrectly handles page requests. id: CVE-2020-0618 info: name: Microsoft SQL Server Reporting Services - Remote Code Execution author: joeldeleep severity: high description: Microsoft SQL...

9.8CVSS7.4AI score0.99022EPSS
Exploits14References5
Nuclei
Nuclei
added 18 hours ago59 views

Microsoft SharePoint Server - Remote Code Execution (ToolShell)

Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. This vulnerability is part of the ToolShell exploit chain and when combined with CVE-2025-53771 authentication bypass, enables unauthenticated remote code...

9.8CVSS7.3AI score0.99979EPSS
Exploits41References4
Nuclei
Nuclei
added 18 hours ago73 views

Microsoft Exchange Server - Cross-Site Scripting

Microsoft Exchange Server, or OWA, is vulnerable to a cross-site scripting vulnerability in refurl parameter of frowny.asp. id: CVE-2021-31195 info: name: Microsoft Exchange Server - Cross-Site Scripting author: infosecsanyam severity: medium description: Microsoft Exchange Server, or OWA, is...

8.8CVSS6.8AI score0.73676EPSS
Exploits3References5
NVD
NVD
added yesterday11 views

CVE-2026-58596

Untrusted pointer dereference in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

8.3CVSS
Exploits0References1
CVE
CVE
added yesterday27 views

CVE-2026-58596

Microsoft Edge (Chromium-based) contains CVE-2026-58596: an untrusted pointer dereference that allows an unauthenticated attacker to elevate privileges over a network. The CVSSv3.1 vector is AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H with a base score of 8.3 (HIGH). Impact affects confidentiality, integ...

8.3CVSS6.1AI score
Exploits0References1Affected Software1
EUVD
EUVD
added yesterday11 views

EUVD-2026-43239

Untrusted pointer dereference in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

8.3CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added yesterday35 views

CVE-2026-58596 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

...

8.3CVSS
Exploits0References1
NVD
NVD
added 2 days ago6 views

CVE-2026-58281

Deserialization of untrusted data in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.3CVSS0.00704EPSS
Exploits0References1
CVE
CVE
added 2 days ago18 views

CVE-2026-58281

CVE-2026-58281 — Microsoft Edge (Chromium-based) Root cause: Deserialization of untrusted data in Edge may allow remote code execution. The vulnerability is exploitable over a network and falls under a high severity (CVSS v3.1 base score 8.3; AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). Impact: Unauthor...

8.3CVSS6.2AI score0.00704EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-43191

Deserialization of untrusted data in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.3CVSS6.2AI score0.00704EPSS
Exploits0References1
The Hacker News
The Hacker News
added 4 days ago20 views

GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses

Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part of its defense evasion strategy. According to a new report published by the Threat Hunter Team from Symantec, the ransomware was first...

6AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago3 views

libXfont2 PCF Font Parsing Heap Buffer Overflow

...

8.8CVSS6.1AI score0.00529EPSS
Exploits0
CVE
CVE
added 5 days ago47 views

CVE-2026-58525

CVE-2026-58525 affects Microsoft Edge (Chromium-based) with an improper access control that lets an unauthenticated attacker bypass a security feature over the network. CVSS 3.1 base score 8.2 (HIGH) with Network attack vector, Low attack complexity, No privileges, User interaction required, Conf...

8.2CVSS5.9AI score0.00362EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-58525 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

...

8.2CVSS0.00362EPSS
Exploits0References1
Rows per page
Query Builder