CVE-2025-64403 Apache OpenOffice: Remote documents loaded without prompt via "external data sources" in Calc

Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of "external data sources". A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause such links to be loaded without prompt. This issue affects Apache...

CVE-2025-64403 Apache OpenOffice: Remote documents loaded without prompt via "external data sources" in Calc

Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of "external data sources". A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause such links to be loaded without prompt. This issue affects Apache...

Apache OpenOffice 安全漏洞

Apache OpenOffice is an open source office software suite from the Apache USA Foundation. The suite contains text documents, spreadsheets, presentations, drawings, databases and more. A security vulnerability exists in Apache OpenOffice versions 4.1.15 and earlier, which stems from a lack of...

PT-2025-46583

Name of the Vulnerable Software and Affected Versions Apache OpenOffice versions through 4.1.15 Description Apache OpenOffice Calc spreadsheets can include links to external files, known as "external data sources". A missing authorization check in Apache OpenOffice allowed an attacker to create a...

EUVD-2019-4347

Malware in sbrugna...

EUVD-2020-3806

Malware in sbrugna...

EUVD-2021-20306

Malware in sbrugna...

EUVD-2025-29627

Malicious code in bioql PyPI...

EUVD-2023-32650

Malicious code in bioql PyPI...

EUVD-2025-22338

Malicious code in bioql PyPI...

EUVD-2024-0124

Malicious code in bioql PyPI...

EUVD-2024-2376

Malicious code in bioql PyPI...

External Data Extraction Attacks against Retrieval-Augmented Large Language Models

In recent years, RAG has emerged as a key paradigm for enhancing large language models LLMs. By integrating externally retrieved information, RAG alleviates issues like outdated knowledge and, crucially, insufficient domain expertise. While effective, RAG introduces new risks of external data...

JasperReports has a Java deserialisation vulnerability

A Java deserialisation vulnerability has been discovered in the Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...

GHSA-7C3F-CG9X-F3GR JasperReports has a Java deserialisation vulnerability

A Java deserialisation vulnerability has been discovered in the Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...

CVE-2025-10492

A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...

CVE-2025-10492

A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...

UBUNTU-CVE-2025-10492

A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may allow attackers to execute arbitrary code remotely on systems that use the affected library...

Linux Distros Unpatched Vulnerability : CVE-2022-39050

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker who is logged into OTRS as an admin user may manipulate customer URL field to store JavaScript code to be run later by any other agent when clicking...

Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.

...