Microsoft Office Multiple Vulnerabilities (Apr 2025) - Mac OS X

This host is missing an important security update for Microsoft Office on Mac OSX according to Microsoft security update April 2025 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

EUVD-2025-29822

Malicious code in bioql PyPI...

Security Updates for Microsoft OneNote C2R (April 2025)

The Microsoft OneNote Products are missing a security update. It is, therefore, affected by a security feature bypass vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. Th...

CVE-2025-29822

Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally...

Microsoft OneNote Security Feature Bypass Vulnerability (KB5002622)

This host is missing an important security update according to Microsoft KB5002622. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2025-29822

Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally...

CVE-2025-29822

Incomplete list of disallowed inputs in Microsoft Office OneNote allows an unauthorized attacker to bypass a security feature locally...

CVE-2025-29822 Microsoft OneNote Security Feature Bypass Vulnerability

...

CVE-2025-29822

creationtimestamp| type| source ---|---|--- 2025-04-08 16:14:25+00:00| seen| https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review 2025-04-08 16:50:53+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2025-0107 2025-04-08 22:22:32+00:00| seen|...

CVE-2024-29822

CVE-2024-29822 is an unspecified SQL Injection affecting Ivanti Endpoint Manager (EPM) Core server in 2022 SU5 and earlier. The vulnerability allows an unauthenticated attacker on the same network to execute arbitrary code. Several connected sources corroborate an Ivanti EPM SQL Injection issue w...

CVE-2024-29822

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code...

CVE-2024-29822

creationtimestamp| type| source ---|---|--- 2024-05-23 11:23:46+00:00| seen| https://t.me/thehackernews/5000 2024-05-23 11:51:37+00:00| seen| Telegram/4Vyo8nhBuKQ9xdInnoTG2Gzp0fS9UGeTbDwzP8ZNAtB6jA 2024-05-23 11:51:37+00:00| seen| https://t.me/tengkorakcybercrewz/8404 2024-05-23 11:51:37+00:00|...

@xrengine/analytics (>=0.4.11 <=5.0.0-beta3), @xrengine/server-core (>=0.4.11 <=5.0.0-beta3) potentially affected by CVE-2022-29822 via feathers-sequelize (=6.3.2)

feathers-sequelize NPM version =6.3.2 is affected by a known vulnerability. The following packages have a transitive dependency on feathers-sequelize and may be impacted: - @xrengine/analytics =0.4.11, =0.4.11, =5.0.0-beta3 Source cves: CVE-2022-29822 Source advisory: OSV:GHSA-5HQ7-J5WQ-P227...

CVE-2022-29822

CVE-2022-29822 involves a SQL injection risk in Feathers Sequelize. Multiple connected sources describe a flaw in the Feathersjs/Feathers-Sequelize stack where improper parameter filtering (notably in the _find path of index.js) allows attacker-controlled input to influence SQL queries. The vulne...

CVE-2021-29822

CVE-2021-29822 affects IBM Tivoli Netcool/OMNIbus_WebGUI 8.1.0 (WebGUI) where a cross-site scripting (XSS) vulnerability exists in the web UI. The IBM Security Bulletin confirms this family of vulnerabilities and provides a remediation path: apply Fix Pack 23 for WebGUI 8.1.0 (IJ32887). This mode...