Lucene search
K

91 matches found

NVD
NVD
added 2026/06/26 9:16 p.m.8 views

CVE-2026-52884

Notepad++ is a free and open-source source code editor. In v8.9.6.1, isInTrustedDirectory does NOT canonicalize the path before checking. It uses a prefix-based check PathIsPrefix or equivalent that matches paths starting with trusted directory strings. A path traversal using ....\ after a truste...

7.8CVSS0.00155EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/26 8:21 p.m.7 views

CVE-2026-48778

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag in config.xml is read by NppXml::value Parameters.cpp:6430 and stored in nppGUI.commandLineInterpreter without any validation, whitelist, or digital signature check. When the user triggers IDMFILEOPENCMD File → Open...

7.8CVSS5.8AI score0.01314EPSS
Exploits5References3Affected Software1
CVE
CVE
added 2026/06/26 8:12 p.m.68 views

CVE-2026-48800

Notepad++ prior to 8.9.6.1 is affected by CVE-2026-48800 where the content inside in shortcuts.xml is read without validation and used to build a Run menu item that ShellExecute() executes. The attacker-controlled string becomes the executable path when the user clicks the Run menu entry, enabl...

7.8CVSS5.8AI score0.0036EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2026/06/26 8:11 p.m.23 views

CVE-2026-52884 Notepad++: CVE-2026-48800 Bypass

Notepad++ is a free and open-source source code editor. In v8.9.6.1, isInTrustedDirectory does NOT canonicalize the path before checking. It uses a prefix-based check PathIsPrefix or equivalent that matches paths starting with trusted directory strings. A path traversal using ....\ after a truste...

7.8CVSS0.00155EPSS
Exploits1References2
NVD
NVD
added 2025/11/14 7:16 p.m.4 views

CVE-2025-63680

Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw CWE-22 that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code execution when a user clicks a crafted entry. By creating a trailing-dot folder and placing a...

8.6CVSS0.00267EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-12527

Malware in sbrugna...

9.3CVSS8.8AI score0.0417EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-1048

Malware in sbrugna...

7.5CVSS6.4AI score0.0221EPSS
Exploits0References7
0day.today
0day.today
added 2024/09/14 12:0 a.m.436 views

Windows Escalate UAC Execute RunAs Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Escalate UAC Execute RunAs', 'Description' = %q This module will attempt to elevate execution level using the ShellExecute undocumented...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/12 12:0 a.m.318 views

Windows Escalate UAC Execute RunAs

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Escalate UAC Execute RunAs', 'Description' = %q This module will attempt to elevate execution level using the ShellExecute undocumented...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/08 12:0 a.m.452 views

Microsoft Excel 365 MSO (Version 2302 Build 16.0.16130.20186) 64-bit - Remote Code Execution (RCE)

Exploit Title: Microsoft Excel 365 MSO Version 2302 Build 16.0.16130.20186 64-bit - Remote Code Execution RCE Exploit Author: nu11secur1ty Date: 03.16.2023 Vendor: https://www.microsoft.com/en-us/microsoft-365/excel Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference:...

7.8CVSS7.8AI score0.02532EPSS
Exploits3
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.3 views

SUSE CVE-2021-25631

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type...

9.3CVSS6.9AI score0.0417EPSS
Exploits1References3
Kitploit
Kitploit
added 2022/08/12 12:30 p.m.120 views

OffensiveVBA - Code Execution And AV Evasion Methods For Macros In Office Documents

In preparation for a VBS AV Evasion Stream/Video I was doing some research for Office Macro code execution methods and evasion techniques. The list got longer and longer and I found no central place for offensive VBA templates - so this repo can be used for such. It is very far away from being...

8.1AI score
Exploits0References63
NVD
NVD
added 2021/05/03 12:15 p.m.46 views

CVE-2021-25631

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type...

9.3CVSS0.0417EPSS
Exploits1References2
OSV
OSV
added 2021/05/03 12:15 p.m.3 views

CVE-2021-25631

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type...

8.8CVSS5.8AI score0.0417EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2021/05/03 12:15 p.m.48 views

CVE-2021-25631

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type...

9.3CVSS7.3AI score0.0417EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2021/05/03 11:10 a.m.706 views

CVE-2021-25631

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type...

9.3CVSS8.7AI score0.0417EPSS
Exploits1
CVE
CVE
added 2021/05/03 11:10 a.m.1332 views

CVE-2021-25631

CVE-2021-25631 affects LibreOffice 7-1 (before 7.1.2) and 7-0 (before 7.0.5). The issue allows bypassing the denylist by manipulating a link so it no longer matches the denylist but triggers ShellExecute to launch an executable type, enabling arbitrary code execution under Windows. Affected produ...

9.3CVSS8.6AI score0.0417EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2021/05/03 11:10 a.m.26 views

CVE-2021-25631

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type...

9.3CVSS8.7AI score0.0417EPSS
Exploits1
Kitploit
Kitploit
added 2020/08/26 12:30 p.m.37 views

ezEmu - Simple Execution Of Commands For Defensive Tuning/Research

ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an "offensive framework for blue teamers ", ezEmu does not have any networking/C2 capabilities and rather focuses on creating local test telemetry. Windows See /Linux for ELF ezEmu is compiled as...

7.1AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2020/02/13 12:0 a.m.10 views

.NET Partial-Trust bypass via browser command-line injection in System.Windows.Forms.Help

A command-line injection vulnerability exists in the core .NET class System.Windows.Forms.Help::ShowHelp function allowing an attacker without “UnmanagedCode” permission to nevertheless directly control arguments passed to a “ShellExecute” invocation of the users’ default browser. This...

4.7AI score
Exploits0References1
Rows per page
Query Builder