EUVD-2025-205393

ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window. This is related to DocumentServer...

CVE-2025-68935

ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window. This is related to DocumentServer...

CVE-2025-68935

ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window. This is related to DocumentServer...

CVE-2025-68935

ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window. This is related to DocumentServer...

CVE-2025-68935

ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window. This is related to DocumentServer...

CVE-2025-68935

ONLYOFFICE Docs prior to version 9.2.1 is affected by a cross-site scripting (XSS) vulnerability in the Multilevel list settings window’s Font field, related to DocumentServer. The issue is confirmed across multiple sources (including Red Hat, EUVD, NVD, OSV, CVE lists) and lists the vulnerable c...

ONLYOFFICE Docs 跨站脚本漏洞

ONLYOFFICE Docs is an online office software from ONLYOFFICE, Inc. A cross-site scripting vulnerability exists in versions of ONLYOFFICE Docs prior to 9.2.1, which stems from improper handling of the Font field in the Multi-Level List Settings window, which could lead to a cross-site scripting...

PT-2025-53411

Name of the Vulnerable Software and Affected Versions ONLYOFFICE Docs versions prior to 9.2.1 Description The software contains a flaw that allows for cross-site scripting XSS. This occurs through manipulation of the Font field within the Multilevel list settings window. The issue is related to t...

ShixxNOTE 6.net Font Field Overflow

No description provided by source. $Id: shixxnotefont.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

Acroread: Stack-based buffer overflow by processing certain fonts (APSA10-02)

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a PDF document with a long field in a Smart INdependent...

CVE-2004-1595

The CVE-2004-1595 entry concerns ShixxNOTE 6.net (build 117) and describes a buffer overflow in the handling of font fields, allowing a remote attacker to execute arbitrary code. Connected sources confirm concrete exploitability: Metasploit/ShixxNOTE font-field overflow modules and exploits (e.g....