Lucene search
K

263 matches found

Kitploit
Kitploit
added 2021/09/28 8:30 p.m.37 views

LittleCorporal - A C# Automated Maldoc Generator

LittleCorporal: A C Automated Maldoc Generator C:\LittleCorporal\bin\ReleaseLittleCorporal.exe C:\beacon.bin explorer.exe . . . . | | ||/ |/ || | \ \ | | | | | \ \ \ | / / \ / / \ \ \ / \ \ \ | | | || || | | | | |\ /\ \ | / | | // | | | ||| || |/\ \ //|| | / /|| // / / / || / / \ / o\ /...

7.6AI score
Exploits0References4
Gitee
Gitee
added 2021/09/12 12:47 p.m.7 views

Exploit for Path Traversal in Microsoft

This repository is a proof-of-concept PoC exploit for CVE-2021-40444, a Microsoft Office Word remote code execution vulnerability. The PoC is a malicious docx generator that creates a document that, when opened, will execute arbitrary code on the victim's system. The PoC consists of several files...

8.8CVSS8.4AI score0.96843EPSS
Exploits38
OSV
OSV
added 2021/03/01 4:15 p.m.5 views

CVE-2021-25830

A file extension handling issue was found in core module of ONLYOFFICE DocumentServer v4.2.0.236-v5.6.4.13. An attacker must request the conversion of the crafted file from DOCT into DOCX format. Using the chain of two other bugs related to improper string handling, an attacker can achieve remote...

9.8CVSS7.8AI score0.11763EPSS
Exploits1References6
ThreatPost
ThreatPost
added 2021/02/26 7:56 p.m.35 views

Lazarus Targets Defense Companies with ThreatNeedle Malware

The prolific North Korean APT known as Lazarus is behind a spear-phishing campaign aimed at stealing critical data from defense companies by leveraging an advanced malware called ThreatNeedle, new research has revealed. The elaborate and ongoing cyberespionage campaign used emails with COVID-19...

7.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/02/24 9:52 p.m.142 views

Tax Season Ushers in Quickbooks Data-Theft Spike

Cybercriminals are ready for tax season with new malware designed to exfiltrate Quickbooks data and post it on the internet, according to a new report from ThreatLocker. Attackers use email to deliver the malware, which the ThreatLocker’s CEO Danny Jenkins told Threatpost is a simple, 15-line pie...

0.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/10/01 9:5 p.m.36 views

Emotet Emails Strike Thousands of DNC Volunteers

On Thursday, hundreds of U.S. organizations were targeted by an Emotet spear-phishing campaign, which sent thousands of emails purporting to be from the Democratic National Committee and recruiting potential Democratic volunteers. Emotet has historically utilized a variety of lure themes leveragi...

0.4AI score
Exploits0References18
CNVD
CNVD
added 2020/09/14 12:0 a.m.6 views

Kingsoft WPS Office Remote Heap Corruption Vulnerability

WPS Office is an office software released by Kingsoft Corporation Kingsoft, which can be applied to the most commonly used functions of office software, such as text editing, spreadsheets and presentations. A remote heap corruption vulnerability exists in Kingsoft WPS Office versions prior to...

7.8CVSS7AI score0.01617EPSS
Exploits1References1
NVD
NVD
added 2020/09/13 8:15 p.m.22 views

CVE-2020-25291

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x...

7.8CVSS0.01617EPSS
Exploits1References1
Prion
Prion
added 2020/09/13 8:15 p.m.18 views

Cross site request forgery (csrf)

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x...

6.8CVSS7.7AI score0.01617EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/09/13 7:35 p.m.23 views

CVE-2020-25291

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in PNG data within a Word document. This is related to QBrush::setMatrix in gui/painting/qbrush.cpp in Qt 4.x...

7.7AI score0.01617EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2020/06/26 12:0 a.m.6 views

The vulnerability of the OpenOffice.org component of the Office software suite LibreOffice, related to the operation of exceeding the allowed data buffer limits, allows a hacker to trigger a service failure.

The vulnerability of the OpenOffice.org component of the LibreOffice office software package is related to the operation of functions that exceed acceptable data buffer limits. Exploiting this vulnerability could allow a malicious actor to cause service failures through the use of a specially...

7.1CVSS5.7AI score0.02876EPSS
Exploits1References7Affected Software4
The Hacker News
The Hacker News
added 2020/04/20 10:58 a.m.7 views

COVID-Themed Lures Target SCADA Sectors With Data Stealing Malware

A new malware campaign has been found using coronavirus-themed lures to strike government and energy sectors in Azerbaijan with remote access trojans RAT capable of exfiltrating sensitive documents, keystrokes, passwords, and even images from the webcam. The targeted attacks employ Microsoft Word...

5.9AI score
Exploits0
CNVD
CNVD
added 2020/04/16 12:0 a.m.3 views

Ascensio System ONLYOFFICE Document Server Input Validation Error Vulnerability

Ascensio System ONLYOFFICE Document Server is an online office collaboration suite from Ascensio System, Latvia. The product supports viewing and editing of text, spreadsheets and presentations, among others. An input validation error vulnerability exists in Ascensio System ONLYOFFICE Document...

9.8CVSS7.3AI score0.02236EPSS
Exploits0References1
HackRead
HackRead
added 2020/03/03 10:29 p.m.51 views

Hackers are using Word documents to drop NetSupport Manager RAT

By Sudais Asif Before dropping NetSupport Manager RAT, attackers trick users into opening a malicious MS Word document by entering a password. This is a post from HackRead.com Read the original post: Hackers are using Word documents to drop NetSupport Manager RAT...

2.4AI score
Exploits0
Atlassian
Atlassian
added 2020/01/21 9:36 p.m.99 views

Uploading a malformed Word document and requesting it repeatedly renders Confluence unavailable.

h3. Issue Summary From the researcher: There is a Denial of Service issue in the "Import Word Document" functionality of Confluence Server. When importing a specially crafted word or openoffice document see attached Confluence will throw an java.lang.OutOfMemoryError:. Background: A Word document...

6.8AI score
Exploits0Affected Software1
Malwarebytes
Malwarebytes
added 2019/12/03 6:6 p.m.65 views

New version of IcedID Trojan uses steganographic payloads

This blog post was authored by @hasherezade, with contributions from @siriurz and Jérôme Segura. Security firm Proofpoint recently published a report about a series of malspam campaigns they attribute to a threat actor called TA2101. Originally targeting German and Italian users with Cobalt Strik...

7.5AI score
Exploits0
NVD
NVD
added 2019/10/31 9:15 p.m.37 views

CVE-2018-3983

An exploitable uninitialized pointer vulnerability exists in the Word document parser of the the Atlantis Word Processor. A specially crafted document can cause an array fetch to return an uninitialized pointer and then performs some arithmetic before writing a value to the result. Usage of this...

8.8CVSS8AI score0.01458EPSS
Exploits1References1
CVE
CVE
added 2019/10/31 8:32 p.m.93 views

CVE-2018-3983

Summary: CVE-2018-3983 affects Atlantis Word Processor’s Word Document parser. An exploitable uninitialized pointer in the parsing pipeline can occur when handling the WordDocument structure (notably involving TTableRow/TField lists). A crafted .doc can cause an array fetch to return an uninitial...

8.8CVSS7.7AI score0.01458EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/10/31 8:32 p.m.41 views

CVE-2018-3983

An exploitable uninitialized pointer vulnerability exists in the Word document parser of the the Atlantis Word Processor. A specially crafted document can cause an array fetch to return an uninitialized pointer and then performs some arithmetic before writing a value to the result. Usage of this...

8.8CVSS7.7AI score0.01458EPSS
Exploits1References1
Carbon Black Blog
Carbon Black Blog
added 2019/03/20 7:14 p.m.1550 views

TAU Threat Intelligence Notification: NanoCore – Old Malware, New Tricks!

In analyzing the stream of raw emails seen in the wild, TAU discovered a campaign of what first appeared to be a fairly standard spear-phishing attack. The email contained a Word document which carried an exploit for CVE-2017-11882, a vulnerability that allows for Microsoft Office documents to ru...

9.3CVSS0.2AI score0.99945EPSS
Exploits33
Rows per page
Query Builder