3.3CVSS
5.7AI Score
0.0004EPSS
7.8CVSS
8.6AI Score
0.002EPSS
6.5CVSS
6.8AI Score
0.001EPSS
A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a...
7.8CVSS
8AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.004EPSS
7.8CVSS
7.8AI Score
0.004EPSS
7.8CVSS
7.8AI Score
0.002EPSS
A privilege escalation vulnerability was discovered in Avaya IP Office Admin Lite and USB Creator that may potentially allow a local user to escalate privileges. This issue affects Admin Lite and USB Creator 11.1 Feature Pack 2 Service Pack 1 and earlier...
7.8CVSS
7.8AI Score
0.0004EPSS
Operation restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Scheduler via unspecified...
4.3CVSS
4.6AI Score
0.001EPSS
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows remote attackers to inject an arbitrary script via unspecified...
6.1CVSS
6.1AI Score
0.001EPSS
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified...
6.1CVSS
6AI Score
0.001EPSS
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified...
6.1CVSS
6AI Score
0.001EPSS
HTTP header injection vulnerability in Cybozu Office 10.0.0 to 10.8.5 may allow a remote attacker to obtain and/or alter the data of the product via unspecified...
6.5CVSS
6.3AI Score
0.001EPSS
Information disclosure vulnerability in the system configuration of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to obtain the data of the product via unspecified...
5.3CVSS
5.2AI Score
0.001EPSS
Operation restriction bypass vulnerability in Project of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Project via unspecified...
4.3CVSS
4.4AI Score
0.001EPSS
Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allows a remote attacker to inject an arbitrary script via unspecified...
6.1CVSS
6AI Score
0.001EPSS
Browse restriction bypass vulnerability in Custom Ap of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Custom App via unspecified...
4.3CVSS
4.5AI Score
0.001EPSS
Browse restriction bypass vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Cabinet via unspecified...
4.3CVSS
4.3AI Score
0.001EPSS
Browse restriction bypass vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Address Book via unspecified...
4.3CVSS
4.5AI Score
0.001EPSS
Browse restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of...
4.3CVSS
4.6AI Score
0.001EPSS
7.3CVSS
7.1AI Score
0.0005EPSS
7.8CVSS
7.9AI Score
0.002EPSS
8.8CVSS
8.7AI Score
0.015EPSS
4.7CVSS
4.9AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.002EPSS
Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30171,...
5.5CVSS
5.4AI Score
0.01EPSS
5.5CVSS
5.3AI Score
0.01EPSS
5.5CVSS
5.3AI Score
0.01EPSS
7.8CVSS
8AI Score
0.002EPSS
An exploitable use-after-free vulnerability exists in WPS Spreadsheets ( ET ) as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger...
7.8CVSS
7.9AI Score
0.002EPSS
7.8CVSS
7.7AI Score
0.005EPSS
6.5CVSS
6.8AI Score
0.005EPSS
7.8CVSS
7.8AI Score
0.005EPSS
5.5CVSS
5.5AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.007EPSS
7.8CVSS
7.8AI Score
0.005EPSS
The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the...
7.8CVSS
7.9AI Score
0.001EPSS
The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the...
7.8CVSS
7.9AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.007EPSS
5.5CVSS
5.5AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.007EPSS
5.5CVSS
5.6AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.007EPSS
The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is...
7.8CVSS
7.6AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.007EPSS
5.5CVSS
5.4AI Score
0.0004EPSS
7.8CVSS
8.3AI Score
0.007EPSS
7.8CVSS
7.8AI Score
0.008EPSS
5.5CVSS
5.3AI Score
0.001EPSS
Cross-site scripting vulnerability in Canon laser printers and small office multifunctional printers (LBP162L/LBP162, MF4890dw, MF269dw/MF265dw/MF264dw/MF262dw, MF249dw/MF245dw/MF244dw/MF242dw/MF232w, and MF229dw/MF224dw/MF222dw sold in Japan, imageCLASS MF Series...
4.8CVSS
5AI Score
0.002EPSS