Lucene search
K

204 matches found

Cvelist
Cvelist
added 2019/09/11 7:17 p.m.25 views

CVE-2019-3763

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability. The Office 365 user password may get logged in a plain text format in the Office 365 connector debug log file. An authenticated...

8.8CVSS8.4AI score0.00324EPSS
Exploits0References1
Prion
Prion
added 2019/03/26 6:29 p.m.20 views

Command injection

Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management NSM 9.1 9.1.7.75 Update 4 and 9.2 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GUI terminal commands...

1.9CVSS4.4AI score0.00211EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/03/26 5:23 p.m.48 views

CVE-2019-3606

CVE-2019-3606 affects McAfee Network Security Manager (NSM) in the web portal component when running NSM 9.x with versions prior to 9.1.7.75 Update 4 or 9.2.7.31 Update2. The issue enables data leakage by allowing administrators to view configuration information in plain text via the GUI or GUI t...

7.7CVSS4.5AI score0.00211EPSS
Exploits0References2Affected Software1
Fedora
Fedora
added 2019/02/19 2:3 p.m.56 views

[SECURITY] Fedora 29 Update: jackson-dataformats-text-2.9.8-1.fc29

Parent pom for Jackson text-format dataformats...

10CVSS2AI score0.12679EPSS
Exploits1
Fedora
Fedora
added 2019/02/18 1:27 a.m.29 views

[SECURITY] Fedora 28 Update: python-markdown2-2.3.7-1.fc28

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

6.1CVSS1.6AI score0.00812EPSS
Exploits0
Fedora
Fedora
added 2019/01/16 1:42 a.m.26 views

[SECURITY] Fedora 28 Update: unrtf-0.21.9-8.fc28

UnRTF is a command-line program written in C which converts documents in Rich Text Format .rtf to HTML, LaTeX, troff macros, and RTF itself. Converting to HTML, it supports a number of features of Rich Text Format: Changes in the text's font, size, weight bold, and slant italic Underlines and...

7.5CVSS0.5AI score0.02836EPSS
Exploits0
Prion
Prion
added 2018/12/01 8:29 p.m.13 views

Null pointer dereference

An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must convince a...

6.8CVSS7.5AI score0.01006EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/12/01 8:0 p.m.21 views

CVE-2018-4040

An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must convince a...

8.8CVSS7.5AI score0.01006EPSS
Exploits1References1
Talos
Talos
added 2018/11/20 12:0 a.m.235 views

Atlantis Word Processor rich text format uninitialized TAutoList remote code execution vulnerability

Summary An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must...

8.8CVSS7.8AI score0.01006EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/11/19 12:0 a.m.28 views

openSUSE Security Update : libxkbcommon (openSUSE-2018-1418)

This update for libxkbcommon to version 0.8.2 fixes the following issues : - Fix a few NULL-dereferences, out-of-bounds access and undefined behavior in the XKB text format parser. - CVE-2018-15853: Endless recursion could have been used by local attackers to crash xkbcommon users by supplying a...

7.8CVSS6.2AI score0.00535EPSS
Exploits0References12
BDU FSTEC
BDU FSTEC
added 2018/10/11 12:0 a.m.4 views

The vulnerability of the RTF text processor, the Atlantis Word Processor, allows a hacker to execute arbitrary code.

The vulnerability of the Atlantis Word Processor, a RTF text processor, arises due to errors during initialization of variables. Exploiting this vulnerability allows an attacker to execute arbitrary code within the application, using a specially created RTF file...

7.6CVSS6AI score0.01202EPSS
Exploits1References4Affected Software1
Fedora
Fedora
added 2018/10/10 10:47 p.m.31 views

[SECURITY] Fedora 28 Update: python-markdown2-2.3.6-1.fc28

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

6.1CVSS1.6AI score0.00812EPSS
Exploits0
Fedora
Fedora
added 2018/10/09 12:7 a.m.18 views

[SECURITY] Fedora 29 Update: python-markdown2-2.3.6-1.fc29

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

6.1CVSS1.6AI score0.00812EPSS
Exploits0
Prion
Prion
added 2018/06/15 2:29 p.m.19 views

Information disclosure

Information disclosure vulnerability in McAfee ePolicy Orchestrator ePO 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors...

4CVSS5.9AI score0.01201EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/06/15 2:29 p.m.17 views

CVE-2018-6672

Information disclosure vulnerability in McAfee ePolicy Orchestrator ePO 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors...

6.5CVSS5.4AI score0.01201EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/06/15 2:0 p.m.23 views

CVE-2018-6672 SB10240 - ePolicy Orchestrator (ePO) - Information disclosure vulnerablity

Information disclosure vulnerability in McAfee ePolicy Orchestrator ePO 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors...

5.7CVSS6AI score0.01201EPSS
Exploits0References3
Securelist
Securelist
added 2018/05/09 6:0 a.m.3171 views

The King is dead. Long live the King!

In late April 2018, a new zero-day vulnerability for Internet Explorer IE was found using our sandbox; more than two years since the last in the wild example CVE-2016-0189. This particular vulnerability and subsequent exploit are interesting for many reasons. The following article will examine th...

9.3CVSS8.4AI score0.99933EPSS
Exploits106
OSV
OSV
added 2018/04/12 1:29 a.m.0 views

CVE-2018-0950

An information disclosure vulnerability exists when Office renders Rich Text Format RTF email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This CVE ID is unique fr...

6.5CVSS5.8AI score0.09024EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/04/12 1:0 a.m.30 views

CVE-2018-0950

An information disclosure vulnerability exists when Office renders Rich Text Format RTF email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This CVE ID is unique fr...

5.6AI score0.09024EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2018/04/12 12:0 a.m.6 views

The vulnerability of the Microsoft Office software relates to the execution of operations beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Microsoft Office package arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted RTF document...

9.3CVSS6.2AI score0.24764EPSS
Exploits0References4
Rows per page
Query Builder