Lucene search
K

177 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-31141

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00538EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.17 views

EUVD-2023-36785

Malicious code in bioql PyPI...

8.8CVSS8AI score0.00655EPSS
Exploits1References1
CVE
CVE
added 2025/03/20 10:10 a.m.49 views

CVE-2024-10833

CVE-2024-10833 affects eosphoros-ai/db-gpt v0.6.0. The vulnerability is an absolute path traversal in the knowledge API’s file upload endpoint (knowledge/{space_name}/document/upload), where the user-controllable parameter doc_file.filename enables arbitrary file writes to locations on the target...

9.1CVSS9.3AI score0.00769EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/01/02 12:0 a.m.6 views

Yunfan Learning Examination System 安全漏洞

Yunfan Learning Examination System is an examination application from China Yunfan Yunfan Company. A security vulnerability exists in Yunfan Learning Examination System version 1.9.2, which stems from some unknown processing of the file /doc.html that can lead to improper authorization...

6.9CVSS5.5AI score0.00558EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/08/14 3:5 p.m.27 views

CVE-2024-39395 Adobe Indesign 2024 DOC File Parsing Null Pointer Dereference

InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service DoS. An attacker could exploit this vulnerability to crash the application, resulting in a DoS condition. Exploitation of this issue...

5.5CVSS0.00271EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/07/29 12:0 a.m.6 views

Microsoft Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DOC...

7.8CVSS7.1AI score
Exploits0
Cvelist
Cvelist
added 2024/05/03 2:15 a.m.34 views

CVE-2023-51598 Hancom Office Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability

Hancom Office Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office Word. User interaction is required to exploit this vulnerability in that the target must visit a...

7CVSS7.5AI score0.00722EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 2:15 a.m.80 views

CVE-2023-51598

CVE-2023-51598 is a Use-After-Free vulnerability in Hancom Office Word related to DOC file parsing. The flaw arises from not validating the existence of an object before performing operations on it, enabling an attacker to execute code in the context of the current process. Exploitation requires ...

8.8CVSS7.3AI score0.00722EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/05/03 2:15 a.m.3 views

CVE-2023-27365

Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS6.2AI score0.00538EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 1:56 a.m.18 views

CVE-2023-27365 Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability

Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS8AI score0.00538EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 1:56 a.m.37 views

CVE-2023-27365 Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability

Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

7.8CVSS8.2AI score0.00538EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/09/26 2:2 p.m.35 views

CVE-2023-32541

A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520. A specially crafted .doc file can lead to a use-after-free. An attacker can trick a user into opening a malformed file to trigger this vulnerability...

8.8CVSS8.8AI score0.00655EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/09/26 12:0 a.m.7 views

PT-2023-23864 · Hancom · Hancom Office 2020 Hword

Name of the Vulnerable Software and Affected Versions: Hancom Office 2020 HWord version 11.0.0.7520 Description: A use-after-free issue exists in the footerr functionality. This can be triggered by a specially crafted .doc file, potentially allowing an attacker to exploit the vulnerability by...

8.8CVSS7.7AI score0.00655EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.4 views

SUSE CVE-2005-3239

The OLE2 unpacker in clamd in Clam AntiVirus ClamAV 0.87-1 allows remote attackers to cause a denial of service segmentation fault via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2walkpropertytree function...

7.8CVSS8.8AI score0.04482EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.5 views

SUSE CVE-2013-2189

Apache OpenOffice.org OOo before 4.0 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via invalid PLCF data in a DOC document file...

6.8CVSS7.6AI score0.03958EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/08/29 12:0 a.m.11 views

The vulnerability of the PDF-XChange PDF document viewing and editing program, related to the occurrence of operations outside the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the PDF document viewing and editing software PDF-XChange lies in the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created malicious DOC file from a remote location...

10CVSS8.1AI score0.0077EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.14 views

Ubuntu: Security Advisory (USN-374-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.1CVSS6.6AI score0.03385EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/08/15 12:0 a.m.6 views

PT-2022-4479 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: The issue is related to a buffer overflow in memory, allowing a remote attacker to execute arbitrary code using a specially crafted malicious Doc file. User interaction is...

10CVSS8AI score0.0077EPSS
Exploits0References7
Prion
Prion
added 2021/10/02 12:15 a.m.13 views

Design/Logic Flaw

Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issu...

4.3CVSS5.3AI score0.01533EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/10/01 11:15 p.m.17 views

Design/Logic Flaw

Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issu...

6.8CVSS7.8AI score0.02076EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder