3672 matches found
[SECURITY] Fedora 27 Update: compat-openssl10-1.0.2m-1.fc27
The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1...
CVE-2017-11878
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, and Microsoft Excel Viewer 2007 Service Pack 3 allow an attacker to run...
CVE-2017-11877
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3, and Microsoft Excel 2016 for...
CVE-2017-11854
Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack 2, Microsoft Office 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka...
Memory corruption
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, and Microsoft Excel Viewer 2007 Service Pack 3 allow an attacker to run...
Microsoft Office Compatibility Pack Service Pack 3 Multiple Vulnerabilities (KB4011265)
This host is missing an important security update according to Microsoft KB4011265 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft Office Compatibility Pack Service Pack 3 Multiple Vulnerabilities (KB4011205)
This host is missing an important security update according to Microsoft KB4011205 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Moderate: Red Hat Security Advisory: jboss-ec2-eap security, bug fix, and enhancement update for EAP 6.4.18
An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Microsoft Word CVE-2017-11854 Memory Corruption Vulnerability
Description Microsoft Word is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Excel 2007 SP3 Microsoft...
PT-2017-3277 · Microsoft · Excel Viewer +3
Name of the Vulnerable Software and Affected Versions: Microsoft Excel versions 2007 Service Pack 3 through 2016 Microsoft Office Compatibility Pack version Service Pack 3 Microsoft Excel Viewer version 2007 Service Pack 3 Description: The issue is related to the improper handling of objects in...
Security Updates for Microsoft Office Compatibility SP3 (November 2017)
The Microsoft Office Compatibility SP3 are missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully...
[SECURITY] Fedora 27 Update: systemd-234-9.fc27
systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...
Microsoft Internet Explorer 11 jscript!JsErrorToString Use-After-Free
Microsoft IE11: use-after-free in jscript!JsErrorToString CVE-2017-11810 There is a use-after-free in jscript.dll library that can be exploited in IE11. jscript.dll is an old JavaScript library that was used in IE 8 and back. However, IE11 can still load it if put into IE8 compatibility mode and ...
The vulnerability of Microsoft Excel, Microsoft Excel for Mac, and the Microsoft Office Compatibility Pack relates to improper handling of objects in memory, allowing an attacker to gain privileges of the current user.
The vulnerability of Microsoft Excel and Microsoft Excel for Mac editors, as well as the Microsoft Office Web Apps suite and the Microsoft Office Compatibility Pack, is related to incorrect handling of objects in memory. Exploiting this vulnerability can allow a malicious actor, operating remotel...
Vulnerability of Microsoft Office software, related to improper handling of objects in memory, allows a hacker to execute arbitrary code.
The vulnerabilities of the Microsoft Office Compatibility Pack, Office Online Server, Microsoft Office Web Apps, Word Viewer and Microsoft Excel Web App, SharePoint applications, Microsoft Word text editor, and Word Automation Services are related to improper handling of objects in memory...
Cross site request forgery (csrf)
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system...
CVE-2017-12796
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system...
CVE-2017-12796
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system...
CVE-2017-12796
The CVE-2017-12796 issue affects the OpenMRS Reporting Compatibility Add On prior to 2.0.4 (distributed in the OpenMRS Reference Application prior to 2.6.1). It does not authenticate users during XML deserialization into ReportSchema objects, allowing remote unauthenticated users to execute opera...
CVE-2012-6707
WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a...