Search Results | AttackerKB

417 Total Results

Displaying 21-30 of 417

Attacker Value

Unknown

CVE-2025-21362

Disclosure Date: January 14, 2025 (last updated January 18, 2025)

Microsoft Excel Remote Code Execution Vulnerability

Attacker Value

Unknown

CVE-2024-43106

Disclosure Date: December 18, 2024 (last updated December 20, 2024)

A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted library can leverage Excel's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.

Attacker Value

Unknown

CVE-2024-8326

Disclosure Date: December 17, 2024 (last updated December 18, 2024)

The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 241114 via the 'sc_get_details' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including user data and database configuration information, which can lead to reading, updating, or dropping database tables. The vulnerability was partially patched in version 241114.

Attack Vector: Network Privileges: Low User Interaction: None