Lucene search
K

142544 matches found

BDU FSTEC
BDU FSTEC
added 4 hours ago17 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00456EPSS
Exploits0References2
Nuclei
Nuclei
added 9 hours ago4229 views

Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection

Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access OWA for Exchange Server 2003 SP2 aka build 6.5.7638 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter. id: CVE-2008-1547 info: name:...

4.3CVSS6.2AI score0.45927EPSS
Exploits2References5
Nuclei
Nuclei
added 9 hours ago1417 views

Microsoft FrontPage Extensions - Information Disclosure

Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /vtibin/ virtual directory. id: CVE-2000-0114 info: name: Microsoft FrontPage Extensions - Information Disclosure author: r3naissance,matejsmycka severity...

5CVSS6.1AI score0.47595EPSS
Exploits1References3
The Hacker News
The Hacker News
added yesterday6 views

Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft

A new phishing-as-a-service PhaaS operation called Forg365 is using a combination of device code phishing, adversary-in-the-middle AitM tactics, antibot evasion, artificial intelligence AI-assisted lure creation, and post-compromise mailbox operations targeting Microsoft 365 accounts. Distributed...

6.1AI score
Exploits0
Nuclei
Nuclei
added yesterday82 views

Pallets Werkzeug <0.15.5 - Local File Inclusion

Pallets Werkzeug before 0.15.5 is susceptible to local file inclusion because SharedDataMiddleware mishandles drive names such as C: in Windows pathnames. id: CVE-2019-14322 info: name: Pallets Werkzeug 0.15.5 - Local File Inclusion author: madrobot severity: high description: | Pallets Werkzeug...

7.5CVSS7AI score0.55526EPSS
Exploits7References5
Nuclei
Nuclei
added yesterday249 views

Microsoft SharePoint - Authentication Bypass

Microsoft SharePoint Server Elevation of Privilege Vulnerability id: CVE-2023-29357 info: name: Microsoft SharePoint - Authentication Bypass author: pdteam severity: critical description: | Microsoft SharePoint Server Elevation of Privilege Vulnerability impact: | Unauthenticated attackers can...

9.8CVSS7.1AI score0.99649EPSS
Exploits10References5
Nuclei
Nuclei
added yesterday59 views

Microsoft SharePoint Server - Remote Code Execution (ToolShell)

Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. This vulnerability is part of the ToolShell exploit chain and when combined with CVE-2025-53771 authentication bypass, enables unauthenticated remote code...

9.8CVSS7.3AI score0.99979EPSS
Exploits41References4
Nuclei
Nuclei
added yesterday74 views

Microsoft Exchange Server - Cross-Site Scripting

Microsoft Exchange Server, or OWA, is vulnerable to a cross-site scripting vulnerability in refurl parameter of frowny.asp. id: CVE-2021-31195 info: name: Microsoft Exchange Server - Cross-Site Scripting author: infosecsanyam severity: medium description: Microsoft Exchange Server, or OWA, is...

8.8CVSS6.8AI score0.73676EPSS
Exploits3References5
Nuclei
Nuclei
added yesterday85 views

Microsoft SQL Server Reporting Services - Remote Code Execution

Microsoft SQL Server Reporting Services is vulnerable to a remote code execution vulnerability because it incorrectly handles page requests. id: CVE-2020-0618 info: name: Microsoft SQL Server Reporting Services - Remote Code Execution author: joeldeleep severity: high description: Microsoft SQL...

9.8CVSS7.4AI score0.99022EPSS
Exploits14References5
Nuclei
Nuclei
added yesterday79 views

Microsoft SharePoint - Remote Code Execution

Microsoft SharePoint is vulnerable to a remote code execution when the software fails to check the source markup of an application package. id: CVE-2020-16952 info: name: Microsoft SharePoint - Remote Code Execution author: dwisiswant0 severity: high description: Microsoft SharePoint is vulnerabl...

8.6CVSS7.4AI score0.70894EPSS
Exploits5References5
NVD
NVD
added 2 days ago16 views

CVE-2026-58596

Untrusted pointer dereference in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

8.3CVSS0.00461EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago36 views

CVE-2026-58596 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

...

8.3CVSS0.00461EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago11 views

EUVD-2026-43239

Untrusted pointer dereference in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

8.3CVSS6.1AI score0.00461EPSS
Exploits0References1
CVE
CVE
added 2 days ago29 views

CVE-2026-58596

Microsoft Edge (Chromium-based) contains CVE-2026-58596: an untrusted pointer dereference that allows an unauthenticated attacker to elevate privileges over a network. The CVSSv3.1 vector is AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H with a base score of 8.3 (HIGH). Impact affects confidentiality, integ...

8.3CVSS6.1AI score0.00461EPSS
Exploits0References1Affected Software1
NVD
NVD
added 3 days ago7 views

CVE-2026-58281

Deserialization of untrusted data in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.3CVSS0.00704EPSS
Exploits0References1
EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43191

Deserialization of untrusted data in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.3CVSS6.2AI score0.00704EPSS
Exploits0References1
CVE
CVE
added 3 days ago19 views

CVE-2026-58281

CVE-2026-58281 — Microsoft Edge (Chromium-based) Root cause: Deserialization of untrusted data in Edge may allow remote code execution. The vulnerability is exploitable over a network and falls under a high severity (CVSS v3.1 base score 8.3; AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). Impact: Unauthor...

8.3CVSS6.2AI score0.00704EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 5 days ago20 views

GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses

Cybersecurity researchers have flagged a new ransomware family called GodDamn that employs the PoisonX kernel driver to neutralize security software as part of its defense evasion strategy. According to a new report published by the Threat Hunter Team from Symantec, the ransomware was first...

6AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 5 days ago4 views

libXfont2 PCF Font Parsing Heap Buffer Overflow

...

8.8CVSS6.1AI score0.00529EPSS
Exploits0
Cvelist
Cvelist
added 6 days ago30 views

CVE-2026-58525 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

...

8.2CVSS0.00362EPSS
Exploits0References1
Rows per page
Query Builder