Lucene search
K

7 matches found

Prion
Prion
added 2022/06/01 8:15 p.m.40 views

Remote code execution

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs,...

9.3CVSS8.3AI score0.99374EPSS
Exploits62References2Affected Software4
Microsoft CVE
Microsoft CVE
added 2021/12/16 8:0 a.m.114 views

Apache Log4j Remote Code Execution Vulnerability

Certain versions of Apache Log4j2 are vulnerable to a remote code execution vulnerability. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. Microsoft is not aware of any impact to th...

10CVSS10AI score0.99999EPSS
Exploits349
NVD
NVD
added 2021/11/24 1:15 a.m.14 views

CVE-2021-42306

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application or Service Principal which is not recommended. This vulnerability allows a user or service in the...

8.1CVSS0.03082EPSS
Exploits0References1
Prion
Prion
added 2021/11/24 1:15 a.m.20 views

Information disclosure

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential? on an Azure AD Application or Service Principal which is not recommended. This vulnerability allows a user or service in the...

4CVSS7.6AI score0.03082EPSS
Exploits0References1Affected Software4
Microsoft CVE
Microsoft CVE
added 2021/11/17 8:0 a.m.62 views

Azure Active Directory Information Disclosure Vulnerability

An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application or Service Principal which is not recommended. This vulnerability allows a user or service in the...

8.1CVSS6.9AI score0.03082EPSS
Exploits0
ThreatPost
ThreatPost
added 2010/03/29 6:8 p.m.8 views

Microsoft Readies Emergency IE Patch to Thwart Attacks

In the face of an uptick in hacker attacks targeting a zero-day flaw in its Internet Explorer browser, Microsoft has announced plans to ship an emergency IE patch tomorrow March 30, 2010. The out-of-band update comes exactly 21 days after Microsoft said it was aware of targeted attacks against...

1.3AI score
Exploits0References3
CISA
CISA
added 2010/03/03 12:0 a.m.11 views

Microsoft Re-Releases Security Bulletin MS10-015

Microsoft has re-released the security update described in Microsoft Security Bulletin MS10-015. This release contains an updated installation package that does not allow the security update to be installed on computers infected with malicious code. Microsoft has also released a Fix-It Tool to...

6.6AI score
Exploits0References5
Rows per page
Query Builder