7 matches found
PT-2024-4514 · Sap · Sap Netweaver As Java
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS Java versions 7.50 Description: The issue is related to the incorrect restriction of XML links to external objects in the Guided Procedures component of SAP NetWeaver AS for Java. This can be exploited by a remote attacker...
postgresql: Extension scripts replace objects not belonging to the extension.
A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait for a victim to use the objec...
Advisory ROSA-SA-2021-1819
Software: cvs 1.11.23 OS: Cobalt 7.9 CVE-ID: CVE-2020-2324 CVE-Crit: HIGH CVE-DESC: The Jenkins CVS 2.16 and earlier plug-in does not configure its XML syntactic parser to prevent attacks on XML external objects XXE. CVE-STATUS: default CVE-REV: default...
Microsoft Windows JScript External Object Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code in applications using the JScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability in that th...
Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability
This host is installed with Microsoft Office Power Point and is prone to remote code execution vulnerability. This NVT has been replaced by NVT secpodms11-022.nasl OID:1.3.6.1.4.1.25623.1.0.902411. OpenVAS Vulnerability Test $Id: gbmspowerpointcodeexecvuln.nasl 6538 2017-07-05 11:38:27Z cfischer ...
(0Day) Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Powerpoint 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with t...
security flaw
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox...