Lucene search
+L

99 matches found

NCSC
NCSC
added 2023/11/14 12:0 a.m.9 views

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in components of Azure. A malicious party could exploit the vulnerabilities to circumvent a security measure, execute arbitrary code with the victim's privileges or gain access to sensitive data. Azure:...

8.8CVSS7AI score0.21542EPSS
Exploits0
Kaspersky
Kaspersky
added 2023/10/04 12:0 a.m.32 views

KLA61135 DoS vulnerability in Microsoft Browser

Type confusion vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2023-5346 Related products Microsoft-Edge CVE list CVE-2023-5346 critical KB list Solution Install necessary updates from the Settings an...

8.8CVSS8.6AI score0.01738EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2023/09/29 12:0 a.m.32 views

KLA61592 DoS vulnerability in Microsoft Office

Heap buffer overflow vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2023-5217 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-Teams-for-Desktop CVE list...

8.8CVSS10AI score0.49013EPSS
Exploits3References3
Kaspersky
Kaspersky
added 2023/08/15 12:0 a.m.24 views

KLA52323 Multiple vulnerabilities in Microsoft Office

A spoofing vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2023-36769 Related products Microsoft-Office CVE list CVE-2023-36769 high KB list 4484434 4022167 Solution Install necessary updates from the KB...

5.4CVSS5.5AI score0.00423EPSS
Exploits0References5
NCSC
NCSC
added 2023/08/08 12:0 a.m.7 views

Vulnerability fixed in Microsoft SQL Server

Microsoft has fixed a vulnerability in OLEDB, a component used by clients to communicate with SQL Server. A malicious party could exploit the vulnerability to execute arbitrary execute arbitrary code on the client using OLEDB. The malicious party must trick the victim into contacting a rogue SQL...

8.8CVSS7.9AI score0.01221EPSS
Exploits0
Kaspersky
Kaspersky
added 2023/06/15 12:0 a.m.26 views

KLA50362 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in WebRTC can be exploited to cause denial of service or...

8.8CVSS9.8AI score0.13813EPSS
Exploits0References7
Kaspersky
Kaspersky
added 2023/06/06 12:0 a.m.37 views

KLA49380 DoS vulnerability in Microsoft Browser

Type confusion vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2023-3079 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-Edge CVE list CVE-2023-3079 critical KB...

8.8CVSS8.9AI score0.32724EPSS
Exploits2References3
Kaspersky
Kaspersky
added 2023/04/20 12:0 a.m.36 views

KLA49015 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Out of bounds memory access vulnerability in Service Worker API can be exploited to cause...

8.8CVSS9AI score0.0112EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2023/04/19 12:0 a.m.41 views

KLA48976 ACE vulnerability in Microsoft Browser

Integer overflow vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to execute arbitrary code, cause denial of service. Original advisories CVE-2023-2136 Related products Microsoft-Edge CVE list CVE-2023-2136 critical KB list Solution Install necessary...

9.6CVSS9.9AI score0.05786EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2023/04/15 12:0 a.m.55 views

KLA48961 DoS vulnerability in Microsoft Browser

Type confusion vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to cause denial of service. Original advisories CVE-2023-2033 Exploitation Public exploits exist for this vulnerability. Malware exists for this vulnerability. Usually such malware is...

8.8CVSS8.9AI score0.40798EPSS
Exploits1References4
Kaspersky
Kaspersky
added 2023/04/11 12:0 a.m.37 views

KLA48838 Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability Microsoft Dynamics 365 Customer Voice can be exploited remotely to spoof...

7.6CVSS6.1AI score0.00748EPSS
Exploits0References7
NCSC
NCSC
added 2023/02/14 12:0 a.m.6 views

Vulnerabilities fixed in Microsoft SQL Server

Microsoft has fixed vulnerabilities in SQL Server and Power BI. An authenticated malicious person could exploit the vulnerabilities to execute arbitrary code, possibly with permissions from the server process itself. SQL Server: |----------------|------|-------------------------------------| | CV...

8.8CVSS7.6AI score0.01755EPSS
Exploits0
NCSC
NCSC
added 2023/02/14 12:0 a.m.11 views

Vulnerabilities fixed in Microsoft Exchange

Microsoft has fixed vulnerabilities in Exchange Server. A authenticated malicious person could exploit the vulnerabilities to execute arbitrary code under permissions from the process of Exchange Server itself. As a rule, Exchange Server runs with restricted privileges. Microsoft Exchange Server:...

8.8CVSS7AI score0.8202EPSS
Exploits0
Kaspersky
Kaspersky
added 2023/02/14 12:0 a.m.80 views

KLA20228 OSI vulnerability in Microsoft Device

An information disclosure vulnerability was found in Microsoft Device. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2019-15126 CVE list CVE-2019-15126 warning Solution Install necessary updates from the KB section, that are listed in your...

3.1CVSS4.9AI score0.07709EPSS
Exploits7References2
NCSC
NCSC
added 2023/01/11 12:0 a.m.37 views

Vulnerabilities fixed in Microsoft Office

Vulnerabilities have been fixed in Microsoft Office. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Circumvention of security measure. Remote code execution User rights Access to sensitive data Microsoft Office:...

8.8CVSS6.9AI score0.55786EPSS
Exploits1
NCSC
NCSC
added 2022/09/13 12:0 a.m.7 views

Vulnerabilities fixed in Microsoft Azure

A vulnerability has been fixed in Microsoft Azure. A authenticated malicious party could potentially abuse it to obtain elevated privileges and execute arbitrary code under root privileges. Microsoft indicates that proof-of-concept code is known for this vulnerability. Microsoft has made updates...

7.8CVSS7.2AI score0.00627EPSS
Exploits0
NCSC
NCSC
added 2022/09/13 12:0 a.m.3 views

Vulnerability fixed in Microsoft Defender

Microsoft has fixed a vulnerability in Defender Endpoint for macOS. A local, authenticated malicious party can exploit the exploit the vulnerability to grant itself elevated privileges and thus execute code with SYSTEM/root privileges. Microsoft has made updates available that fix the described...

7.8CVSS6.9AI score0.00478EPSS
Exploits0
NCSC
NCSC
added 2022/06/14 12:0 a.m.4 views

Vulnerability fixed in Microsoft Edge

A vulnerability has been fixed in Microsoft Edge. A remote malicious person could potentially exploit the vulnerability to execute arbitrary code. Because it is possible to get out of Edge's sandbox environment, execution of code at the SYSTEM level cannot be ruled out. Abuse requires that the...

8.3CVSS7.3AI score0.02839EPSS
Exploits0
NCSC
NCSC
added 2022/02/08 12:0 a.m.4 views

Vulnerabilities fixed in Microsoft Developer Tools

Vulnerabilities have been fixed in the Kestrel Web Server and Visual Studio Code. The vulnerabilities allow a malicious party to execute arbitrary code or cause a denial-of-service cause. The Denial-of-Service vulnerability with reference CVE-2022-21986 is located in the Kestrel web server. This...

8.1CVSS7.3AI score0.03739EPSS
Exploits0
Redos
Redos
added 2021/12/24 12:0 a.m.3 views

ROS-2-2160

2.2160 Apache Ant utility vulnerability CVE-2021-36374, CVE-2021-36373 1. Vulnerability Description: CVE-2021-36374 A vulnerability in the Apache Ant utility, is related to the application improperly controlling internal resource consumption when processing ZIP archives. Exploitation of the...

5.5CVSS7.7AI score0.0262EPSS
Exploits0
Rows per page
Query Builder