CVE Watch
Every published CVE, mapped to engagement reality.
Crawled from cve.org every day. Each entry annotated with the QSearch coverage signal — how many of our agents, skills, and playbooks address the technique. Subscribe via RSS for SIEM pipe, or get the weekly digest by email.
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
CWE-125Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attack...
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
microsoftCWE-22Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized ...
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
microsoftCWE-79Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authe...
Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's application using these ciphers. AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD modes: they accept a key, nonce, optional AAD (bytes that are authenticated but not encrypted), and plaintext, and produces ciphertext plus a 16-byte tag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only if the tag is verified succesfully. In OpenSSL's provider implementation of these ciphers, the expected tag is computed only when decryption function is invoked with non-empty data. If the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without invocation of the ciphertext update, which can happen when the received ciphertext length is zero, the tag is never recalculated and still holds its all-zeros value. When AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty ciphertext, and all-zeros tag passes authentication under any key they do not know, single-shot. When AES-SIV is used, for mounting the attack it's necessary for the application to reuse the decryption context without resetting the key. AES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since OpenSSL 3.2. No protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support either AES-GCM-SIV or AES-SIV. To mount an attack, the applications must implement their own protocol and use the EVP interface. Also they must skip the ciphertext update when a message with an empty ciphertext arrives. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as these algorithms are not FIPS approved and the affected code is outside the OpenSSL FIPS module boundary.
CWE-325Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
microsoftCWE-125Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.
microsoftCWE-122CWE-125Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally
Use after free in Windows Network Controller (NC) Host Agent allows an authorized attacker to deny service locally.
microsoftCWE-416CWE-822Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
microsoftCWE-200Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally
Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally.
microsoftCWE-200Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
microsoftCWE-200Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
microsoftCWE-200Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally
Use of uninitialized resource in Windows Push Notifications allows an authorized attacker to disclose information locally.
microsoftCWE-908Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally
Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally.
microsoftCWE-125Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network
Incorrect calculation of buffer size in Windows TCP/IP allows an authorized attacker to deny service over an adjacent network.
microsoftCWE-131Windows Kerberos Denial of Service Vulnerability
Windows Kerberos Denial of Service Vulnerability
microsoftCWE-125Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.
microsoftCWE-200Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally.
microsoftCWE-200Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network
Null pointer dereference in Windows Kerberos allows an authorized attacker to deny service over a network.
microsoftCWE-476Issue summary: When the X509_VERIFY_PARAM_set1_email is called by an application to validate a crafted e-mail address, such as during S/M...
Issue summary: When the X509_VERIFY_PARAM_set1_email is called by an application to validate a crafted e-mail address, such as during S/MIME message validation, an out of bounds read can happen. Impact summary: This out of bounds read will not directly exfiltrate the data read to the attacker so the most likely result is a crash and a Denial of Service. An internal helper function called from X509_VERIFY_PARAM_[set|add]_email() used a wrong length when validating the local part of an email address. This could cause the 64 octet limit on the local part of an email address to be not enforced, or cause an out of bound read and potentially a crash. The bug is reachable via S-MIME validation with a crafted From: address supplied in an email message that can potentially cause a crash. No FIPS modules are affected by this issue as the affected code is outside the OpenSSL FIPS module boundary.
CWE-125Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgro...
Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r (a small prime factor of the cofactor (p−1)/q_local), and a public value Y of order r can recover the victim's private key after a small number of key exchange attempts. When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the subgroup membership check Y^q ≡ 1 (mod p) is performed using the peer's own q parameter, not the local key's q. The peer's domain parameters are then matched against the domain parameters of the private key, but the value of q is not compared. A malicious peer who presents an X9.42 key carrying the victim's p, g, a forged q = r (a small prime factor of the cofactor), and a public value Y of order r passes all checks. The shared secret then takes only r distinct values, leaking priv mod r. Repeating for each small-prime factor of the cofactor and combining via CRT recovers the full private key (Lim–Lee / small-subgroup-confinement attack). The realistic attack surface is narrow: principally CMP deployments with long-lived RA/CA DHX keys and bespoke enterprise or government applications using X9.42 DHX static keys with interactive protocols and therefore this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this issue.
CWE-325
3.3 LOW
6.5 MEDIUMWeekly digest
Get the curated CVE digest every Monday
One email a week, sent Monday morning CET. The CVEs published or modified in the last seven days, severity-ordered, with the QSearch coverage signal. Unsubscribe with one click — included in every send.
Pipe the CVE feed into your stack.
CVE Watch publishes RSS, Atom, and JSON feeds — wire them into your SIEM, Slack, Discord, or your RSS reader of choice. Or get the curated weekly digest by email.