Lucene search
K

29 matches found

thn
thn
added 2026/02/16 12:55 p.m.19 views

Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware

This week’s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question. Another signal: attackers are mixing old and new methods. Legacy botnet tactics, moder...

10CVSS7.9AI score0.88115EPSS
Exploits51
malwarebytes
malwarebytes
added 2026/02/12 2:35 p.m.5 views

Outlook add-in goes rogue and steals 4,000 credentials and payment data

Researchers found a malicious Microsoft Outlook add-in which was able to steal 4,000 stolen Microsoft account credentials, credit card numbers, and banking security answers. How is it possible that the Microsoft Office Add-in Store ended listing an add-in that silently loaded a phishing kit insid...

5.5AI score
Exploits0
thn
thn
added 2026/02/11 5:45 p.m.6 views

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In this unusual supply chain attack detailed by Koi Security, an unknown attacker claimed the domain associated with a now-abandoned legitimate add-in to serve a fa...

6.1AI score
Exploits0
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-4148

Malware in sbrugna...

5.9CVSS6AI score0.00493EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7794

Malware in sbrugna...

8.2CVSS8.2AI score0.00369EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-10826

Malware in sbrugna...

7.3CVSS7.5AI score0.00848EPSS
Exploits3References5
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-49987

Malicious code in bioql PyPI...

6.1CVSS5.4AI score0.00318EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 8:55 a.m.2 views

CVE-2024-29209

A medium severity vulnerability has been identified in the update mechanism of the Phish Alert Button for Outlook, which could allow an attacker to remotely execute arbitrary code on the host machine. The vulnerability arises from the application's failure to securely verify the authenticity and...

6CVSS7.8AI score0.00374EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/05 4:55 p.m.9 views

CVE-2019-17390

An issue was discovered in the Outlook add-in in Pronestor Planner before 8.1.77. There is local privilege escalation in the Health Monitor service because PronestorHealthMonitor.exe access control is mishandled, aka PNB-2359...

8.2CVSS7AI score0.00369EPSS
Exploits0References1
osv
osv
added 2024/02/10 4:15 a.m.4 views

CVE-2023-45698

Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks...

6.1CVSS5.8AI score0.00318EPSS
Exploits0References1
nvd
nvd
added 2024/02/10 4:15 a.m.23 views

CVE-2023-45698

Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks...

6.1CVSS5.1AI score0.00318EPSS
Exploits0References1
prion
prion
added 2024/02/10 4:15 a.m.20 views

Code injection

Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks...

1.8CVSS7.3AI score0.00318EPSS
Exploits0References1
cve
cve
added 2024/02/10 3:24 a.m.41 views

CVE-2023-45698

CVE-2023-45698 affects the HCL Sametime Outlook add-in, with lack of clickjacking protections as the root cause. The CVSSv3.1 base score is 6.1 (Medium); attack vector: Network; user interaction required; confidentiality/integrity impact low, availability none. Connected sources confirm the issue...

6.1CVSS5.1AI score0.00318EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2024/02/10 3:24 a.m.25 views

CVE-2023-45698 HCL Sametime is impacted by clickjacking

Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks...

4.8CVSS5.4AI score0.00318EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/02/10 3:24 a.m.23 views

CVE-2023-45698 HCL Sametime is impacted by clickjacking

Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks...

4.8CVSS6.9AI score0.00318EPSS
Exploits0References1
citrix
citrix
added 2023/08/20 12:0 a.m.5 views

MS Teams Outlook Add-in missing

MS Teams is installed on the Master Image MS Teams Outlook Add-in is visible on the Master Image session MS Teams Outlook Add-in is missing on the MCS/PVS VDAs...

7.1AI score
Exploits0
citrix
citrix
added 2022/02/02 12:0 a.m.7 views

Adobe Acrobat PDF Maker Outlook Add-in not working when elastically layered.

Outlook add-in not working for Adobe PDF Maker. Attempting use Adobe Acrobat Reader and Acrobat Pro with one on the base image and the other as an elastic layer...

7.1AI score
Exploits0
mskb
mskb
added 2021/09/30 12:0 a.m.5 views

September 30, 2021—KB5005611 (OS Builds 19041.1266, 19042.1266, and 19043.1266) Preview

September 30, 2021—KB5005611 OS Builds 19041.1266, 19042.1266, and 19043.1266 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. To view other notes and messages, see the Windows 10, version...

6.5AI score
Exploits0
mskb
mskb
added 2021/09/27 12:0 a.m.4 views

September 27, 2021—KB5005619 (OS Build 20348.261) Preview

September 27, 2021—KB5005619 OS Build 20348.261 Preview Improvements and fixes This non-security update includes quality improvements. Key changes include: Addresses an issue that might prevent users from opening phone apps that are pinned to the taskbar. This issue occurs after they update to th...

6.7CVSS7AI score0.01039EPSS
Exploits0
nvd
nvd
added 2020/04/23 3:15 p.m.22 views

CVE-2020-11806

In MailStore Outlook Add-in and Email Archive Outlook Add-in through 12.1.2, the login process does not validate the validity of the certificate presented by the server...

5.9CVSS5.8AI score0.00493EPSS
Exploits0References1
Rows per page
Query Builder