53 matches found
EUVD-2008-3838
Malware in sbrugna...
EUVD-2023-54435
Malicious code in bioql PyPI...
Description of the security update for Excel 2016: December 10, 2024 (KB5002660)
None None...
Mozilla: XLL file extensions were downloadable without warnings
The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...
Mozilla: XLL file extensions were downloadable without warnings
The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...
Mozilla: XLL file extensions were downloadable without warnings
The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...
Mozilla: XLL file extensions were downloadable without warnings
The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...
Mozilla: XLL file extensions were downloadable without warnings
The Mozilla Foundation Security Advisory describes this flaw as: Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm...
SUSE CVE-2023-4581
Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...
UBUNTU-CVE-2023-4581
Excel .xll add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2...
APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector
Microsoft's decision to block Visual Basic for Applications VBA macros by default for Office files downloaded from the internet has led many threat actors to improvise their attack chains in recent months. Now according to Cisco Talos, advanced persistent threat APT actors and commodity malware...
Threat Spotlight: XLLing in Excel - threat actors using malicious add-ins
Microsoft is phasing out support for executing VBA macros in downloaded Office documents. Cisco Talos investigates another vector for introduction of malicious code to Microsoft Excel--malicious add-ins, specifically XLL files. Although XLL files were supported since early versions of Excel,...
Description of the security update for Office 2016: May 11, 2021 (KB5001920)
None None...
Description of the security update for Office 2013: May 11, 2021 (KB5001925)
Description of the security update for Office 2013: May 11, 2021 KB5001925 Summary This security update resolves a Microsoft Office Remote Code Execution Vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-31176. Note: To apply this...
Description of the security update for Office 2013: April 13, 2021 (KB4504726)
Description of the security update for Office 2013: April 13, 2021 KB4504726 Summary This security update resolves a Microsoft Excel remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2021-28449. Note: To apply this...
Description of the security update for Office 2016: April 13, 2021 (KB4504722)
None None...
June 1, 2021, update for Office 2013 (KB5001937)
June 1, 2021, update for Office 2013 KB5001937 This article describes update 5001937 for Microsoft Office 2013 that was released on June 1, 2021. This update also applies to Office Home and Student 2013 RT.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installe...
Description of the security update for SharePoint Server 2019: June 9, 2020
None None...
CVE-2020-11806
In MailStore Outlook Add-in and Email Archive Outlook Add-in through 12.1.2, the login process does not validate the validity of the certificate presented by the server...
Gurux GXDLMS Director Remote Execution Vulnerability
Gurux GXDLMS Director is an open source Windows program for interacting with meters by using the DLMS / COSEM protocol. A security vulnerability exists in Gurux GXDLMS Director prior to version 8.5.1905.1301, which stems from the program downloading over an unencrypted HTTP connection when updati...