CVE Watch
Every published CVE, mapped to engagement reality.
Crawled from cve.org every day. Each entry annotated with the QSearch coverage signal — how many of our agents, skills, and playbooks address the technique. Subscribe via RSS for SIEM pipe, or get the weekly digest by email.
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized ...
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
microsoftCWE-79Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized ...
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
microsoftCWE-79Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized ...
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CWE-79Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CWE-122Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized ...
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
microsoftCWE-79Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized ...
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
microsoftCWE-79Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized ...
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
microsoftCWE-79Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CWE-126Protection mechanism failure in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally
Protection mechanism failure in Microsoft Office Excel allows an unauthorized attacker to bypass a security feature locally.
CWE-693Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
CWE-125Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attack...
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
microsoftCWE-22Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized ...
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
microsoftCWE-79Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authe...
Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's application using these ciphers. AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD modes: they accept a key, nonce, optional AAD (bytes that are authenticated but not encrypted), and plaintext, and produces ciphertext plus a 16-byte tag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only if the tag is verified succesfully. In OpenSSL's provider implementation of these ciphers, the expected tag is computed only when decryption function is invoked with non-empty data. If the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without invocation of the ciphertext update, which can happen when the received ciphertext length is zero, the tag is never recalculated and still holds its all-zeros value. When AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty ciphertext, and all-zeros tag passes authentication under any key they do not know, single-shot. When AES-SIV is used, for mounting the attack it's necessary for the application to reuse the decryption context without resetting the key. AES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since OpenSSL 3.2. No protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support either AES-GCM-SIV or AES-SIV. To mount an attack, the applications must implement their own protocol and use the EVP interface. Also they must skip the ciphertext update when a message with an empty ciphertext arrives. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as these algorithms are not FIPS approved and the affected code is outside the OpenSSL FIPS module boundary.
CWE-325Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CWE-125Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network
Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network.
CWE-121Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.
CWE-122CWE-125Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally
Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally.
CWE-416CWE-822Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
microsoftCWE-200Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally
Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally.
microsoftCWE-200Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
CWE-200
4.6 MEDIUM
3.3 LOW
9.8 CRITICALWeekly digest
Get the curated CVE digest every Monday
One email a week, sent Monday morning CET. The CVEs published or modified in the last seven days, severity-ordered, with the QSearch coverage signal. Unsubscribe with one click — included in every send.
Pipe the CVE feed into your stack.
CVE Watch publishes RSS, Atom, and JSON feeds — wire them into your SIEM, Slack, Discord, or your RSS reader of choice. Or get the curated weekly digest by email.