Lucene search
K

8 matches found

hivepro
hivepro
added 2023/12/26 12:2 p.m.113 views

Zero-Click Outlook RCE Exploitation Chain in Windows

Summary: Two vulnerabilities CVE-2023-35384 and CVE-2023-36710 in Microsoft Windows can be chained to achieve remote code execution RCE on vulnerable Outlook clients. Attackers can exploit these flaws by sending a crafted email with a custom notification sound file to trigger the download of a...

4.4CVSS7.7AI score0.0159EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/08/09 12:0 a.m.72 views

Microsoft Windows Multiple Vulnerabilities (KB5029247)

This host is missing an important security update according to Microsoft KB5029247 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

9.8CVSS7.7AI score0.98998EPSS
Exploits5References3
OpenVAS
OpenVAS
added 2023/08/09 12:0 a.m.53 views

Microsoft Windows Multiple Vulnerabilities (KB5029244)

This host is missing an important security update according to Microsoft KB5029244 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

9.8CVSS7.7AI score0.98998EPSS
Exploits5References3
NVD
NVD
added 2023/08/08 6:15 p.m.37 views

CVE-2023-35384

Windows HTML Platforms Security Feature Bypass Vulnerability...

6.5CVSS7.3AI score0.0159EPSS
Exploits0References1
CVE
CVE
added 2023/08/08 5:8 p.m.184 views

CVE-2023-35384

CVE-2023-35384 is a Windows HTML Platform security feature bypass. The provided documents describe two vulnerabilities that can be chained to achieve remote code execution in Outlook: (1) the HTML security feature bypass allowing a crafted file or URL to evade security zone tagging, and (2) a Win...

6.5CVSS7.3AI score0.0159EPSS
Exploits0References1Affected Software12
Vulnrichment
Vulnrichment
added 2023/08/08 5:8 p.m.30 views

CVE-2023-35384 Windows HTML Platforms Security Feature Bypass Vulnerability

...

5.4CVSS6.8AI score0.0159EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/08/08 5:8 p.m.40 views

CVE-2023-35384 Windows HTML Platforms Security Feature Bypass Vulnerability

...

5.4CVSS8.1AI score0.0159EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2023/08/08 12:0 a.m.117 views

KLA51710 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. An elevation...

9.8CVSS9.4AI score0.12053EPSS
Exploits2References53
Rows per page
Query Builder