e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted...
5.3CVSS
5.1AI Score
0.001EPSS
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPO365 | Mail Integration for Office 365 / Outlook plugin <= 1.9.0...
6.1CVSS
6AI Score
0.0005EPSS
6.5CVSS
6.5AI Score
0.001EPSS
6.5CVSS
6.5AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.001EPSS
7.8CVSS
8.3AI Score
0.001EPSS
7.8CVSS
8.3AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.001EPSS
7.8CVSS
8.3AI Score
0.001EPSS
An arbitrary file upload vulnerability in eoffice before v9.5 allows attackers to execute arbitrary code via uploading a crafted...
9.8CVSS
9.5AI Score
0.001EPSS
5.5CVSS
5.4AI Score
0.001EPSS
7.8CVSS
8.3AI Score
0.001EPSS
7.8CVSS
8.3AI Score
0.001EPSS
9.6CVSS
9.1AI Score
0.003EPSS
7.8CVSS
7.6AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.001EPSS
8.8CVSS
8.7AI Score
0.106EPSS
6.5CVSS
7.2AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.001EPSS
8.8CVSS
8.7AI Score
0.134EPSS
7.8CVSS
7.7AI Score
0.004EPSS
7.8CVSS
7.7AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.001EPSS
OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends a specially crafted data, an arbitrary OS command may be executed on the system where the product is...
8.1CVSS
8.1AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.005EPSS
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Schedule Handler. The manipulation of the argument description leads to cross site scripting. The attack....
5.4CVSS
5.3AI Score
0.001EPSS
A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. This vulnerability affects unknown code of the file /note/index/delete. The manipulation of the argument id leads to cross-site request forgery. The attack can be initiated...
8.8CVSS
8.7AI Score
0.001EPSS
7.5CVSS
7.4AI Score
0.001EPSS
Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build...
7.8CVSS
7.8AI Score
0.0004EPSS
Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers() which may allow an attacker on the network segment to trigger unauthorized access to the product. :Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and...
5.3CVSS
5.3AI Score
0.001EPSS
Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(). :Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C...
5.3CVSS
5.4AI Score
0.001EPSS
Buffer overflow in IPP sides attribute process of Office / Small Office Multifunction Printers and Laser Printers() which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF740C...
9.8CVSS
9.7AI Score
0.001EPSS
Buffer overflow in IPP number-up attribute process of Office / Small Office Multifunction Printers and Laser Printers() which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF740C...
9.8CVSS
9.7AI Score
0.001EPSS
Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers() which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C...
9.8CVSS
9.7AI Score
0.002EPSS
Unintentional change of settings during initial registration of system administrators which uses control protocols. The affected Office / Small Office Multifunction Printers and Laser Printers() may allow an attacker on the network segment to trigger unauthorized access to the product. :Satera...
7.5CVSS
7.4AI Score
0.001EPSS
Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser Printers() which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C...
9.8CVSS
9.7AI Score
0.001EPSS
Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers() which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C...
9.8CVSS
9.7AI Score
0.001EPSS
Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers() which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF740C...
9.8CVSS
9.7AI Score
0.002EPSS
A vulnerability was found in Weaver E-Office 9.5 and classified as critical. Affected by this issue is some unknown functionality of the file /webroot/inc/utility_all.php of the component File Upload Handler. The manipulation leads to command injection. The attack may be launched remotely. The...
8.8CVSS
8.8AI Score
0.001EPSS
A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the argument Filedata leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit...
9.8CVSS
9.4AI Score
0.06EPSS
7.5CVSS
7.4AI Score
0.002EPSS
7.8CVSS
7.8AI Score
0.005EPSS
3.3CVSS
5AI Score
0.001EPSS
A vulnerability was found in Weaver E-Office 9.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file App/Ajax/ajax.php?action=mobile_upload_save. The manipulation of the argument upload_quwan leads to unrestricted upload. The attack may be launched...
9.8CVSS
9.3AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.014EPSS