318 matches found
MDaemon Webmail 注入漏洞
MDaemon Webmail is a server-side application for providing mail services from MDaemon, Inc. in the United States. An IFRAME injection vulnerability exists in MDaemon Webmail versions prior to 20.0.4, which can be exploited by an attacker to perform any action with the privileges of the attacked...
Clam AntiVirus Denial of Service Vulnerability (CNVD-2021-28301)
Clam AntiVirus ClamAV is an anti-virus package for use on UNIX-like systems. Mainly used in mail servers, using multi-threaded background operation, you can automatically upgrade the virus database. A denial of service vulnerability exists in Clam AntiVirus versions 0.103.0 and 0.103.1. The...
Roundcube Webmail Cross-Site Scripting Vulnerability (CNVD-2021-44696)
RoundCube Webmail is a browser-based, multi-language IMAP client with a desktop-like interface. A cross-site scripting vulnerability exists in linkrefaddindex in rcubestringreplacer.php in Roundcube Webmail, which can be exploited by an attacker via a specially crafted email...
CVE-2020-16947
A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the targeted user. If the targeted user is logged on with...
CVE-2020-16968
A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user...
CVE-2020-16932
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
CVE-2020-16933
A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file...
Remote code execution
A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user...
Remote code execution
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
Windows Camera Codec Pack Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user...
Windows Camera Codec Pack Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user...
Microsoft Outlook Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the targeted user. If the targeted user is logged on with...
Microsoft Word Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file...
Microsoft Excel Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
Microsoft Excel Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
Microsoft Excel Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
PT-2020-4376 · Microsoft · Windows Camera Codec Pack +1
Name of the Vulnerable Software and Affected Versions: Windows Camera Codec Pack affected versions not specified Description: A remote code execution issue exists due to improper handling of objects in memory by the Windows Camera Codec Pack. This could allow an attacker to run arbitrary code in...
PT-2020-4282 · Microsoft · Office Word
Name of the Vulnerable Software and Affected Versions: Microsoft Word affected versions not specified Description: A security feature bypass issue exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the issue could use a specially...
CVE-2020-1594
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...
CVE-2020-1338
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the...