Lucene search
K

5608 matches found

ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.12 views

PT-2026-47957

Name of the Vulnerable Software and Affected Versions Microsoft Office Word affected versions not specified Description An untrusted pointer dereference allows an unauthorized attacker to execute arbitrary code locally and remotely, affecting the system. Recommendations At the moment, there is no...

7.8CVSS7.4AI score0.00457EPSS
Exploits0References6
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.14 views

Microsoft Office 缓冲区错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a security vulnerability in Microsoft Office, which stems from a heap buffer overflow...

7.8CVSS7.4AI score0.00457EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/09 12:0 a.m.12 views

PT-2026-47953

Name of the Vulnerable Software and Affected Versions Microsoft Office Word affected versions not specified Description A heap-based buffer overflow occurs when a program writes more data to a heap-allocated memory block than it can hold, potentially corrupting adjacent memory. In Microsoft Offic...

3.3CVSS6.1AI score0.00371EPSS
Exploits0References4
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.16 views

Microsoft Office Word 资源管理错误漏洞

Microsoft Office Word is a word processing software developed by Microsoft. There is a resource management vulnerability in Microsoft Office Word, which stems from an untrusted pointer dereferencing. This vulnerability may allow unauthorized attackers to execute code locally...

7.8CVSS5.6AI score0.00372EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.21 views

Microsoft Office 缓冲区错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a code execution vulnerability in Microsoft Office, which is caused by improper...

7.8CVSS7.8AI score0.00457EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.16 views

Microsoft Office 缓冲区错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a security vulnerability in Microsoft Office, which stems from type confusion. This...

8.4CVSS7.1AI score0.0044EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.14 views

Microsoft Excel for Android 权限许可和访问控制问题漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is an access control error vulnerability in Microsoft Office. Attackers utilize this...

7.1CVSS5.9AI score0.00419EPSS
Exploits0References1
nessus
nessus
added 2026/06/09 12:0 a.m.36 views

Security Updates for Microsoft Word Products (June 2026)

The Microsoft Word Products are missing a security update. They are, therefore, affected by multiple vulnerabilities: - Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-45456, CVE-2026-45458 - Untrust...

8.4CVSS7.2AI score0.00457EPSS
Exploits0References4
githubexploit
githubexploit
added 2026/06/08 11:37 a.m.123 views

Exploit for Integer Overflow or Wraparound in Microsoft

CVE-2023-21716 — Microsoft Word RTF fonttbl Heap Corruption RC...

9.8CVSS8.2AI score0.82302EPSS
Exploits11
attackerkb
attackerkb
added 2026/06/08 1:55 a.m.8 views

CVE-2022-50953

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS5.6AI score0.00342EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/06/08 1:55 a.m.22 views

CVE-2022-50953

The CVE concerns the WordPress plugin admin-word-count-column version 2.2 . A vulnerability allows unauthenticated local file read via crafted requests to download-csv.php, exploiting a null byte injection in the path parameter to bypass restrictions and read arbitrary files (e.g., system configu...

6.9CVSS5.6AI score0.00342EPSS
Exploits0References3
euvd
euvd
added 2026/06/08 1:55 a.m.10 views

EUVD-2022-56000

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS5.6AI score0.00342EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/08 1:55 a.m.8 views

CVE-2022-50953 WordPress Plugin admin-word-count-column 2.2 Local File Read

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS5.6AI score0.00342EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/06/08 12:0 a.m.24 views

PT-2026-47231

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS5.6AI score0.00342EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/08 12:0 a.m.17 views

PT-2026-47710

CVE-2024-56123 - Microsoft Word XML External Entity Injection CVE ID :CVE-2024-56123 Published : June 8, 2026, 10:16 a.m. | 44 minutes ago Description :Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details,...

5.3AI score
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:37 p.m.10 views

CVE-2026-3620

The Word Replacer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'replacement' parameter in all versions up to, and including, 0.4. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

4.4CVSS5.7AI score0.00246EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:32 p.m.11 views

CVE-2026-6395

The Word 2 Cash plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Stored Cross-Site Scripting in versions up to and including 0.9.2. This is due to the complete absence of nonce verification on the settings save handler in the w2cadmin function, combined with missing inp...

6.1CVSS5.7AI score0.00153EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:29 p.m.11 views

CVE-2026-28732

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 Fail to enforce slash command trigger-word uniqueness during command updates which allows an authenticated team member with Manage Own Slash Commands permission to hijack and impersonate existing system or custom slash...

4.3CVSS5.5AI score0.00152EPSS
Exploits0References1
osv
osv
added 2026/06/05 5:45 a.m.7 views

BIT-GOLANG-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime

Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...

7.5CVSS5.4AI score0.0056EPSS
Exploits0References5
osv
osv
added 2026/06/04 9:4 p.m.3 views

ROOT-APP-NPM-CVE-2023-26115 CVE-2023-26115 in @rootio/word-wrap - Patched by Root

Root has patched CVE-2023-26115 in the @rootio/word-wrap package for Root:npm. Multiple fixed versions available...

5.3CVSS6.7AI score0.01709EPSS
Exploits1
Rows per page
Query Builder