Lucene search
K

1681 matches found

CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Microsoft Windows 安全漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows OLE. Attackers can exploit these vulnerabilities to gain higher privileges. The following products and versions are affected: Windows 11...

7.8CVSS5.8AI score0.00298EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/02/04 2:13 p.m.184 views

Exploit for Reliance on Untrusted Inputs in a Security Decision in Microsoft

Detections for the CVE-2026-21509 vulnerability in MS Office...

8.8CVSS5.5AI score0.96843EPSS
Exploits49
GithubExploit
GithubExploit
added 2026/02/01 5:31 p.m.224 views

Exploit for Reliance on Untrusted Inputs in a Security Decision in Microsoft

🏛️CTT -Microsoft Office OLE Manifold BYPASS CVE-2026-21509 Stan...

7.8CVSS7.5AI score0.72152EPSS
Exploits12
GithubExploit
GithubExploit
added 2026/01/29 12:51 a.m.187 views

Exploit for Reliance on Untrusted Inputs in a Security Decision in Microsoft

CVE-2026-21509 — Educational Dummy PoC for Defender Visibility...

7.8CVSS5.9AI score0.72152EPSS
Exploits12
The Hacker News
The Hacker News
added 2026/01/27 10:37 a.m.31 views

Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued for Active Exploitation

Microsoft on Monday issued out-of-band security patches for a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The vulnerability, tracked as CVE-2026-21509 , carries a CVSS score of 7.8 out of 10.0. It has been described as a security feature bypass in Microsoft Office...

7.8CVSS6AI score0.72152EPSS
Exploits12
Information Security Automation
Information Security Automation
added 2026/01/27 7:4 a.m.10 views

About Remote Code Execution – Microsoft Office (CVE-2026-21509) vulnerability

About Remote Code Execution - Microsoft Office CVE-2026-21509 vulnerability. The vulnerability was urgently fixed on January 26, outside the regular Microsoft Patch Tuesday. Microsoft classified it as a Security Feature Bypass, but in fact, it is more of a Remote Code Execution. The vulnerability...

7.8CVSS8.6AI score0.72152EPSS
Exploits12
OSV
OSV
added 2026/01/16 2:16 a.m.5 views

CVE-2025-65117

The vulnerability, if exploited, could allow an authenticated miscreant Process Optimization Designer User to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements...

7.7CVSS5.8AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/16 12:14 a.m.3 views

CVE-2025-65117

The vulnerability, if exploited, could allow an authenticated miscreant Process Optimization Designer User to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements...

8.5CVSS5.5AI score0.00198EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.6 views

AVEVA Process Optimization security vulnerabilities

AVEVA Process Optimization is a real-time process optimization software developed by the British company AVEVA. AVEVA Process Optimization has a security vulnerability, which arises from the possibility for authenticated attackers to embed OLE objects into graphics, potentially leading to privile...

8.5CVSS5.8AI score0.00198EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/13 9:8 a.m.3 views

CVE-2025-64402

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "OLE objects" linked to...

6.5CVSS6.7AI score0.00535EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/12 6:1 p.m.4 views

CVE-2025-60714

Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally...

7.8CVSS6.1AI score0.00563EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/12 9:30 a.m.4 views

EUVD-2025-124981

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "OLE objects" linked to...

6.5CVSS6.2AI score0.00535EPSS
Exploits0References4
OSV
OSV
added 2025/11/12 9:15 a.m.5 views

CVE-2025-64402

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "OLE objects" linked to...

6.5CVSS5.7AI score0.00535EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/12 9:3 a.m.3 views

CVE-2025-64402 Apache OpenOffice: Remote documents loaded without prompt via OLE objects

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "OLE objects" linked to...

6.3AI score0.00535EPSS
Exploits0References2
CVE
CVE
added 2025/11/12 9:3 a.m.16 views

CVE-2025-64402

CVE-2025-64402 affects Apache OpenOffice up to 4.1.15. A missing Authorization vulnerability allows documents using OLE objects linked to external files to load those files without prompting the user. Impact: loading external content without user consent. A fix is available in OpenOffice 4.1.16; ...

6.5CVSS6.3AI score0.00535EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/12 12:0 a.m.6 views

PT-2025-46582

Name of the Vulnerable Software and Affected Versions Apache OpenOffice versions through 4.1.15 Description Apache OpenOffice documents can contain links. A missing authorization check in Apache OpenOffice allowed an attacker to create a document that would load external links without user...

6.5CVSS6.5AI score0.00535EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/11/11 5:59 p.m.3 views

CVE-2025-60714

Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally...

7.8CVSS6AI score0.00563EPSS
Exploits0References2Affected Software20
GithubExploit
GithubExploit
added 2025/10/11 7:40 p.m.181 views

Exploit for Use After Free in Microsoft

LetsDefend-SOC336-Windows-OLE-Zero-Click-RCE-Exploitation-Dete...

9.8CVSS8.6AI score0.80912EPSS
Exploits6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-8131

Malware in sbrugna...

7.8CVSS7.7AI score0.01417EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-3555

Malware in sbrugna...

4.3CVSS8AI score0.09864EPSS
Exploits0References17
Rows per page
Query Builder