3547 matches found
Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection
Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access OWA for Exchange Server 2003 SP2 aka build 6.5.7638 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter. id: CVE-2008-1547 info: name:...
CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions
Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts...
Microsoft Exchange Server Cross-Site Scripting Vulnerability
Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context...
CVE-2026-42893 Microsoft Outlook for iOS Tampering Vulnerability
...
CVE-2026-42893
CVE-2026-42893 concerns Improper neutralization of special elements used in a command (command injection) in M365 Copilot, leading to potential tampering over a network. Connected records identify affected software as Microsoft Outlook for iOS and M365 Copilot, with the issue described as command...
CVE-2026-42893 Microsoft Outlook for iOS Tampering Vulnerability
...
Microsoft Outlook for iOS Tampering Vulnerability
Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to perform tampering over a network...
TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms
Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that's capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being tracked by Elastic Security Labs under the moniker REF3076. The malware family is assessed to be a...
Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API
The threat actor known as Harvester has been attributed to a new Linux version of its GoGra backdoor deployed as part of attacks likely targeting entities in South Asia. "The malware uses the legitimate Microsoft Graph API and Outlook mailboxes as a covert command-and-control C2 channel, allowing...
Exploit for Improper Input Validation in Microsoft
CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulne...
CVE-2019-25476
Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the User Name and Registration Code field to...
Microsoft多款产品 安全漏洞
Microsoft Excel is a product of the American company Microsoft. Microsoft Excel is a spreadsheet processing software within the Office suite. Microsoft Edge is a web browser that comes with systems running Windows 10 and later versions. Microsoft Word is a word processing software within the Offi...
KLA90936 OSI vulnerability in Microsoft Office
An information disclosure vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2026-26133 Exploitation Related products Microsoft-Outlook Microsoft-Excel Microsoft-Word CVE list CVE-2026-26133 high...
EUVD-2019-19754
Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the User Name and Registration Code field to...
CVE-2019-25476
Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the User Name and Registration Code field to...
CVE-2019-25476
Outlook Password Recovery 2.10 is affected by a local buffer overflow vulnerability that can crash the app by supplying a 6000-byte payload in the User Name and Registration Code fields, causing a denial‑of‑service. CVSS metrics show a base score around 6.xx (local, low complexity, availability i...
CVE-2019-25476
Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the User Name and Registration Code field to...
CVE-2019-25476 Outlook Password Recovery 2.10 Denial of Service Buffer Overflow
Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the User Name and Registration Code field to...
CVE-2019-25476 Outlook Password Recovery 2.10 Denial of Service Buffer Overflow
Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the User Name and Registration Code field to...
Top Password Outlook Password Recovery 缓冲区错误漏洞
Top Password Outlook Password Recovery is a password recovery tool developed by Top Password. Version 2.10 of Top Password Outlook Password Recovery has a buffer error vulnerability. This vulnerability stems from buffer overflows in the username and registration code fields, which could allow loc...