Lucene search
K

133 matches found

OSV
OSV
added 2026/01/13 6:16 p.m.5 views

CVE-2026-21219

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

7CVSS5.9AI score0.0034EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/13 5:56 p.m.27 views

CVE-2026-21219 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability

...

7CVSS0.0034EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.6 views

Microsoft Inbox COM Objects 资源管理错误漏洞

Microsoft Inbox COM Objects is a built-in COM component for the Windows operating system from Microsoft Corporation USA. A resource management error vulnerability exists in Microsoft Inbox COM Objects. An attacker can exploit this vulnerability to remotely execute code...

7CVSS5.8AI score0.0034EPSS
Exploits0References1
Securelist
Securelist
added 2025/12/19 8:0 a.m.10 views

Yet another DCOM object for lateral movement

Introduction If you're a penetration tester, you know that lateral movement is becoming increasingly difficult, especially in well-defended environments. One common technique for remote command execution has been the use of DCOM objects. Over the years, many different DCOM objects have been...

7.2AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2025/12/08 12:0 a.m.5 views

VulnCheck KEV: CVE-2020-1066

An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level.To exploit the vulnerability, an attacker would first have to access the local machine, and then run a malicious program.The update addresses the vulnerability by...

7.8CVSS5.8AI score0.02309EPSS
In wildExploits0References2
RedhatCVE
RedhatCVE
added 2025/10/25 12:43 a.m.9 views

CVE-2021-43768

In Malwarebytes For Teams v.1.0.990 and before and fixed in v.1.0.1003 and later a privilege escalation can occur via the COM interface running in mbamservice.exe...

5.3CVSS7.2AI score0.00226EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/24 3:31 p.m.7 views

EUVD-2021-30675

In Malwarebytes For Teams v.1.0.990 and before and fixed in v.1.0.1003 and later a privilege escalation can occur via the COM interface running in mbamservice.exe...

5.3CVSS6.6AI score0.00226EPSS
Exploits0References3
CVE
CVE
added 2025/10/24 12:0 a.m.11 views

CVE-2021-43768

CVE-2021-43768 affects Malwarebytes For Teams up to v1.0.990; the issue is a privilege escalation via the COM interface running in mbamservice.exe. It is fixed in v1.0.1003 and later. Affected component is the COM interface, which can be leveraged to elevate privileges within the host. Remediatio...

5.3CVSS6.8AI score0.00226EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/14 6:30 p.m.9 views

EUVD-2025-34399

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

7CVSS7AI score0.00442EPSS
Exploits0References2
CVE
CVE
added 2025/10/14 5:1 p.m.32 views

CVE-2025-58738

CVE-2025-58738 is a local-execution vulnerability caused by a use-after-free in Inbox COM Objects. Reported impact: unauthorized code execution on the affected system with local attacker access. Documented impact aligns with high-severity CVSS metrics (AV: Local, AC: High, PR: None, UI: Required;...

7CVSS7.2AI score0.00327EPSS
Exploits0References1Affected Software12
Cvelist
Cvelist
added 2025/10/14 5:1 p.m.8 views

CVE-2025-58738 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability

...

7CVSS0.00327EPSS
Exploits0References1
CVE
CVE
added 2025/10/14 5:1 p.m.28 views

CVE-2025-58725

CVE-2025-58725 is described in connected documents as a heap-based buffer overflow in Windows COM that allows a locally authenticated attacker to elevate privileges. The CVE is associated with Windows COM components, with a CVSS v3.1 score of 7.0 (Local, High impact, Privilege escalation) and Exp...

7CVSS7AI score0.00236EPSS
Exploits0References1Affected Software16
Cvelist
Cvelist
added 2025/10/14 5:0 p.m.11 views

CVE-2025-59282 Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability

...

7CVSS0.00588EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 5:0 p.m.10 views

CVE-2025-58732 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability

...

7CVSS0.00442EPSS
Exploits0References1
NVD
NVD
added 2025/10/14 12:15 p.m.7 views

CVE-2025-9437

A security issue exists within the Studio 5000 Logix Designer add-on profile AOP for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model COM methods...

8.7CVSS0.00353EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/14 12:13 p.m.4 views

CVE-2025-9437 Rockwell Automation ArmorStart® AOP Denial-of-Service Vulnerability

A security issue exists within the Studio 5000 Logix Designer add-on profile AOP for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model COM methods...

8.7CVSS6.3AI score0.00353EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 12:13 p.m.7 views

CVE-2025-9437 Rockwell Automation ArmorStart® AOP Denial-of-Service Vulnerability

A security issue exists within the Studio 5000 Logix Designer add-on profile AOP for the ArmorStart Classic distributed motor controller, resulting in denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model COM methods...

8.7CVSS0.00353EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.6 views

Microsoft Windows COM 安全漏洞

Microsoft Windows COM is a technology for the purpose of reusing software from Microsoft Corporation USA.COM is described as a platform-independent, decentralized, object-oriented system for creating interactive binary software components. A security vulnerability exists in Microsoft Windows COM...

7CVSS9AI score0.00236EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.5 views

PT-2025-42067

Name of the Vulnerable Software and Affected Versions versions prior to 2025-58731 Description A use after free issue exists in Inbox COM Objects, potentially allowing an unauthorized attacker to execute code locally. Recommendations At the moment, there is no information about a newer version th...

7CVSS9.2AI score0.00327EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.3 views

PT-2025-42061

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description A heap-based buffer overflow exists in Windows COM. An authorized attacker with local access can exploit this flaw to elevate privileges. Successful exploitation could lead to code execution...

7CVSS9.3AI score0.00236EPSS
Exploits0References4
Rows per page
Query Builder