The vulnerability of Microsoft Excel editors arises from operations that go beyond buffer boundaries in memory, allowing attackers to execute arbitrary code in the context of the current user.

The vulnerability of Microsoft Excel editors arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code in the context of the current user, using a specially created file...

The vulnerability of Microsoft Excel editors arises from operations that go beyond buffer boundaries in memory, allowing attackers to execute arbitrary code in the context of the current user.

The vulnerability of Microsoft Excel editors arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code in the context of the current user, using a specially created file...

PT-2020-4039 · Microsoft · Chakracore +1

Name of the Vulnerable Software and Affected Versions: Microsoft Edge ChakraCore affected versions not specified Description: A remote code execution issue exists in the way the ChakraCore scripting engine handles objects in memory. This could allow an attacker to corrupt memory and execute...

(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

PT-2020-4154 · Microsoft · Edge +1

Name of the Vulnerable Software and Affected Versions: Microsoft Edge and Internet Explorer affected versions not specified Description: A remote code execution issue exists in the way Microsoft browsers access objects in memory, potentially allowing an attacker to execute arbitrary code in the...

Microsoft SharePoint Spoofing Vulnerability (CNVD-2020-64002)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A security...

Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2020-49006)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A cross-site scriptin...

Slackware 14.0 / 14.1 / 14.2 / current : bind (SSA:2020-234-01)

New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2020-234-01. The text itself is copyright C Slackware Linux,...

Foxit Studio Photo PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Type confusion

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.2.29539. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Slackware 14.0 / 14.1 / 14.2 / current : curl (SSA:2020-232-01)

New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2020-232-01. The text itself is copyright C Slackware Linux...

CVE-2020-1380

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully...

Microsoft SharePoint Input Validation Error Vulnerability (CNVD-2020-49027)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A security...

Microsoft Excel Remote Code Execution Vulnerability (CNVD-2020-48604)

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A remote code execution vulnerability exists in Microsoft Excel that stems from the program's failure to properly handle objects in memory. The vulnerability can be exploited to run arbitrary code in the...

Microsoft Chakra Inline Cache Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementatio...

Microsoft Visual Studio Code Code Execution Vulnerability

Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A remote code execution vulnerability exists in Microsoft Visual Studio Code. An attacker can exploit this vulnerability by tricking a user into copying a repository and opening it in Visual Studio Code to run arbitrar...

Microsoft Outlook Code Execution Vulnerability

Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. A remote code execution vulnerability exists in Microsoft Outlook, which arises from the program's failure to properly handle objects in memory. An attacker can exploit the vulnerability by means of a special...

Microsoft Edge Remote Code Execution Vulnerability (CNVD-2020-61587)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge suffers from a remote code execution vulnerability that stems from the program's failure to properly handle objects in memory. An attacker can exploit the vulnerability by...

Adobe Acrobat Pro DC addFeed Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Acrobat Reader DC app.measureDialog Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...