CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Akamai Blog•added 2021/01/27 5:0 a.m.•13 views

When Destiny is Knocking on Your Door Again - Data Mining CDN Logs to Refine and Optimize Web Attack Detection

A few years ago, I wrote a blog post trying to explain, with humor, why choosing application security as a career path is destiny derived by my parents calling me "Or", and why a personal name that is a conditional word can sometimes be challenging in daily routines, since some attack payloads...

1.7AI score

Exploits0

OSV•added 2020/10/16 11:15 p.m.•1 views

CVE-2020-16947

A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the targeted user. If the targeted user is logged on with...

7.5CVSS8AI score0.33551EPSS

Exploits0References4

OSV•added 2020/10/16 11:15 p.m.•1 views

CVE-2020-16968

A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user...

7.8CVSS7.9AI score0.04507EPSS

OSV•added 2020/10/16 11:15 p.m.•0 views

CVE-2020-16932

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

7.8CVSS7.7AI score0.04469EPSS

OSV•added 2020/10/16 11:15 p.m.•2 views

CVE-2020-16933

A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file...

7CVSS7.1AI score0.02534EPSS

7.8CVSS7.7AI score0.03665EPSS

CVE-2020-1594

6.1CVSS7.4AI score0.02103EPSS

CVE-2020-1506

An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. There are multiple ways an attacker could exploit the vulnerability: In a web-based atta...

7.8CVSS7.7AI score0.03665EPSS

CVE-2020-1335

OSV•added 2020/09/11 5:15 p.m.•0 views

CVE-2020-1338

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the...

7.8CVSS7.6AI score0.03665EPSS

7.8CVSS6.4AI score0.03665EPSS

CVE-2020-1332

OSV•added 2020/09/11 5:15 p.m.•0 views

CVE-2020-1218

7.8CVSS7.6AI score0.03635EPSS

Exploits1References1

OSV•added 2020/09/11 5:15 p.m.•1 views

CVE-2020-0997

7.8CVSS7.7AI score0.04905EPSS

8.8CVSS7.9AI score0.04212EPSS

CVE-2020-1494

8.8CVSS7.9AI score0.04212EPSS

CVE-2020-1495

7.8CVSS7.1AI score0.03568EPSS

CVE-2020-1487

An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log onto ...

5CVSS7.9AI score0.08876EPSS

CVE-2020-1483

A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrativ...