121 matches found
Fedora 27 : libreoffice (2018-3eb4d8e4c4)
The remote Fedora 27 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2018-3eb4d8e4c4 advisory. - CVE-2018-1055 Remote arbitrary file disclosure vulnerability via WEBSERVICE formula Tenable has extracted the preceding description block directly...
CVE-2018-1055
CVE-2018-6871, referenced as CVE-2018-1055 in reservation, affects LibreOffice via improper validation of the WEBSERVICE() function argument. This allows a remote, unauthenticated attacker to disclose arbitrary files by convincing a user to open a specially crafted document (information disclosur...
CVE-2018-1055
...
LibreOffice -- Remote arbitrary file disclosure vulnerability via WEBSERVICE formula
LibreOffice reports: LibreOffice Calc supports a WEBSERVICE function to obtain data by URL. Vulnerable versions of LibreOffice allow WEBSERVICE to take a local file URL e.g file:// which can be used to inject local files into the spreadsheet without warning the user. Subsequent formulas can opera...
tilestwra.com XSS vulnerability
Vulnerable URL: http://www.tilestwra.com/?s= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 06.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 1055 VIP website status:| Yes Check tilestwra.com SSL connection:| Grade: B+ Coordinated...
CVE-2016-1075
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...
CVE-2016-1065
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...
CVE-2016-1055
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...
CVE-2016-1055
Technical details for CVE-2016-1055 are not provided in the connected documents. Public details appear unavailable here; monitor for updates.
CVE-2016-1055
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different...
WordPress Photo Gallery Blind SQL injection Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...
CVE-2015-1055
The CVE-2015-1055 vulnerability affects the WordPress Photo Gallery plugin (version 1.2.7 and earlier) used with WordPress. It allows remote attackers to perform a blind SQL injection via the order_by parameter in a GalleryBox action to wp-admin/admin-ajax.php, potentially exposing or altering da...
NetWin SurgeMail Webmail Server page Parameter Format String - Ver2 (CVE-2008-1055)
A format string vulnerability has been reported in NetWin SurgeMail and WebMail. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2012-1055
CVE-2012-1055 affects PhotoLine 17.01 (and possibly earlier versions before 17.02). The vulnerability is a heap-based buffer overflow in processing JPEG2000 JP2 files with crafted Quantization Default (QCD) marker segments, allowing remote code execution. Affected component is the image editor’s ...
CVE-2011-1055
CVE-2011-1055 affects Lingxia I.C.E CMS 1.0, where SQL injection is possible in api/ice_media.cfc via the session.user_id parameter to media.cfm. This remote‑auth vulnerability could allow arbitrary SQL commands to be executed on the affected system. The available documents identify the vulnerabl...
CVE-2011-1055
creationtimestamp| type| source ---|---|--- 2011-02-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16171...
Ubuntu: Security Advisory (USN-1055-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-1055
creationtimestamp| type| source ---|---|--- 2010-03-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/11755...
Sitecore CMS < 5.3.2 rev. 090212 Web Service Security Database Information Disclosure
The remote host is running a version of Sitecore CMS which is reportedly affected by an information disclosure vulnerability. An attacker could exploit this in order to gain unauthorized access to security databases. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2009-1055
Mode C: The vulnerability affects Sitecore CMS 5.3.1 rev. 071114 where the web service can disclose security databases and credentials to remote authenticated users via SOAP/XML requests. Root cause is unspecified in the public initial description, but connected Nessus/NVD entries confirm an info...