133 matches found
CVE-2026-21219
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...
CVE-2026-21219 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability
...
Microsoft Inbox COM Objects 资源管理错误漏洞
Microsoft Inbox COM Objects is a built-in COM component for the Windows operating system from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Inbox COM Objects. An attacker can exploit this vulnerability to remotely execute code...
Yet another DCOM object for lateral movement
Introduction If you're a penetration tester, you know that lateral movement is becoming increasingly difficult, especially in well-defended environments. One common technique for remote command execution has been the use of DCOM objects. Over the years, many different DCOM objects have been...
VulnCheck KEV: CVE-2020-1066
An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level.To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.The update addresses the vulnerability by...
CVE-2021-43768
In Malwarebytes For Teams v.1.0.990 and before and fixed in v.1.0.1003 and later a privilege escalation can occur via the COM interface running in mbamservice.exe...
EUVD-2021-30675
In Malwarebytes For Teams v.1.0.990 and before and fixed in v.1.0.1003 and later a privilege escalation can occur via the COM interface running in mbamservice.exe...
CVE-2021-43768
CVE-2021-43768 affects Malwarebytes For Teams up to v1.0.990; the issue is a privilege escalation via the COM interface running in mbamservice.exe. It is fixed in v1.0.1003 and later. Affected component is the COM interface, which can be leveraged to elevate privileges within the host. Remediatio...
EUVD-2025-34399
Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...
CVE-2025-58738
CVE-2025-58738 is a local-execution vulnerability caused by a use-after-free in Inbox COM Objects. Reported impact: unauthorized code execution on the affected system with local attacker access. Documented impact aligns with high-severity CVSS metrics (AV: Local, AC: High, PR: None, UI: Required;...
CVE-2025-58738 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability
...
CVE-2025-58725
CVE-2025-58725 is described in connected documents as a heap-based buffer overflow in Windows COM that allows a locally authenticated attacker to elevate privileges. The CVE is associated with Windows COM components, with a CVSS v3.1 score of 7.0 (Local, High impact, Privilege escalation) and Exp...
CVE-2025-59282 Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability
...
CVE-2025-58732 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability
...
CVE-2025-9437
A security issue exists within the Studio 5000 Logix Designer add-on profile AOP for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model COM methods...
CVE-2025-9437 Rockwell Automation ArmorStart® AOP Denial-of-Service Vulnerability
A security issue exists within the Studio 5000 Logix Designer add-on profile AOP for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model COM methods...
CVE-2025-9437 Rockwell Automation ArmorStart® AOP Denial-of-Service Vulnerability
A security issue exists within the Studio 5000 Logix Designer add-on profile AOP for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model COM methods...
Microsoft Windows COM 安全漏洞
Microsoft Windows COM is a technology for the purpose of reusing software from Microsoft Corporation USA.COM is described as a platform-independent, decentralized, object-oriented system for creating interactive binary software components. A security vulnerability exists in Microsoft Windows COM...
PT-2025-42067
Name of the Vulnerable Software and Affected Versions versions prior to 2025-58731 Description A use after free issue exists in Inbox COM Objects, potentially allowing an unauthorized attacker to execute code locally. Recommendations At the moment, there is no information about a newer version th...
PT-2025-42061
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A heap-based buffer overflow exists in Windows COM. An authorized attacker with local access can exploit this flaw to elevate privileges. Successful exploitation could lead to code execution...