EUVD-1999-1412

Malware in sbrugna...

EUVD-2024-18392

Malicious code in bioql PyPI...

The vulnerability of the Microsoft Outlook client for Microsoft Office programs and 365 Apps for Enterprise allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft Outlook client and Microsoft Office programs, as well as 365 Apps for Enterprise, is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of Microsoft Office and 365 Apps for Enterprise applications relates to the possibility of exploiting memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the ability to exploit memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of the Microsoft Access database management system, Microsoft Office applications, and 365 Enterprise Apps relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of the Microsoft Access database management system, Microsoft Office applications, and 365 Enterprise Apps is related to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Microsoft Teams (work or school) for macOS com.microsoft.teams2.modulehost.app helper app library injection vulnerability

Talos Vulnerability Report TALOS-2024-1991 Microsoft Teams work or school for macOS com.microsoft.teams2.modulehost.app helper app library injection vulnerability August 19, 2024 CVE Number CVE-2024-41138 SUMMARY A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app...

CVE-2024-20677

A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have acces...

CVE-2024-20677

A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have acces...

PT-2023-8134 · Microsoft · Office Word +8

Name of the Vulnerable Software and Affected Versions: Microsoft Office versions prior to the January 9, 2024 security update Office 2019 Office 2021 Office LTSC for Mac 2021 Microsoft 365 Description: A security issue exists in FBX that could lead to remote code execution. The vulnerability is...

Threat Spotlight: XLLing in Excel - threat actors using malicious add-ins

Microsoft is phasing out support for executing VBA macros in downloaded Office documents. Cisco Talos investigates another vector for introduction of malicious code to Microsoft Excel--malicious add-ins, specifically XLL files. Although XLL files were supported since early versions of Excel,...

The vulnerability of Microsoft Office package applications and Microsoft 365 Apps for Enterprise arises due to insufficient validation of input data, allowing attackers to execute arbitrary code.

The vulnerability of Microsoft Office package applications and Microsoft 365 Apps for Enterprise exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Vulnerabilities of Microsoft 365, Microsoft Excel, Microsoft Office, Microsoft SharePoint, and Microsoft Office Web Apps are related to improper code generation, allowing attackers to execute arbitrary code.

Vulnerabilities of Microsoft 365, Microsoft Excel, Microsoft Office, Microsoft SharePoint, and Microsoft Office Web Apps are related to improper code generation management. Exploitation of these vulnerabilities can allow a malicious actor to execute arbitrary code remotely...

PT-2021-6941 · Microsoft · Office Web Apps +4

Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Microsoft 365 affected versions not specified Microsoft Office affected versions not specified Microsoft Office Online Server affected versions not specified Microsoft Office Web Apps affected...

VulnCheck KEV: CVE-2011-0097

Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary...

PT-2021-2035 · Microsoft · Office Web Apps Server +4

Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Microsoft Office affected versions not specified Microsoft 365 Apps for Enterprise affected versions not specified Microsoft Office Web Apps Server affected versions not specified Microsoft Offi...

December 1, 2020, update for Office 2016 (KB4486716)

December 1, 2020, update for Office 2016 KB4486716 This article describes update 4486716 for Microsoft Office 2016 that was released on December 1, 2020.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply...

[SECURITY] Fedora 31 Update: libreoffice-6.3.6.2-4.fc31

LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...

8-Year-Old VelvetSweatshop Bug Resurrected in LimeRAT Campaign

Researchers have discovered a fresh campaign using Excel files to spread LimeRAT malware – making use of the hardcoded, VelvetSweatshop default password for encrypted files. LimeRAT is a full-featured remote access tool/backdoor that can allow attackers to access an infected system and install a...

The vulnerability affects the Microsoft Graphics component in the Microsoft Excel Viewer, Microsoft Office applications and Office 365, the Microsoft Office Compatibility Pack, the Microsoft Windows operating system, the Microsoft PowerPoint Viewer for presentation viewing, and the Microsoft Office Word Viewer for document reading. This allows an attacker to execute arbitrary code.

The vulnerability of the Microsoft Graphics component in the Microsoft Excel Viewer, a spreadsheet software; Microsoft Office and Office 365 applications; the Microsoft Office Compatibility Pack; the Microsoft Windows operating system; the Microsoft PowerPoint Viewer, a presentation software; and...

CVE-2019-0541

A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer,...