Lucene search
K

145 matches found

Exploit DB
Exploit DB
added 2018/12/20 12:0 a.m.293 views

LanSpy 2.0.1.159 - Buffer Overflow (SEH) (Egghunter)

Exploit Title: LanSpy 2.0.1.159 - Local Buffer Overflow SEH Egghunter Exploit Author: bzyo Date: 12-19-18 Twitter: @bzyo Vulnerable Software: LanSpy 2.0.1.159 Vendor Homepage: https://lizardsystems.com Version: 2.0.1.159 Software Link 1:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/05/09 12:0 a.m.26 views

Allok Video Splitter 3.1.12.17 - Denial of Service

Exploit Title: Allok Video Splitter 3.1.1217 Date: 2018-05-09 Exploit Author: Achilles Vendor Homepage: http://www.alloksoft.com/ Vulnerable Software: http://www.alloksoft.com/allokvsplitter.exe Tested on OS: Windows 7 64-bit DE Steps to reproduce: Copy the contents of the file Evil.txt and paste...

7.4AI score
Exploits0
Veracode
Veracode
added 2018/04/24 2:43 a.m.32 views

Copy-Paste Vulnerability Through LibXML2

Nokogiri is vulnerable to attacks through a copied version of LibXML2 within the codebase. LibXML2 before 2.9.5 is vulnerable to CVE-2017-18258 - the LibXML2 decoder does not limit memory usage for what is required when decoding LZMA files...

6.5CVSS7.2AI score0.02706EPSS
Exploits0References7Affected Software2
Exploit DB
Exploit DB
added 2018/01/15 12:0 a.m.49 views

OBS Studio 20.1.3 - Local Buffer Overflow

author = ''' Created: ScrR1pTK1dd13 Name: Greg Priest Mail: [email protected] Exploit Title: OBS-Studio-20.1.3 Local Buffer Overflow Zer0Day SEH Based PoC Date: 2018.01.15 Exploit Author: Greg Priest Version: OBS-Studio-20.1.3 Tested on: Windows7 x64 HUN/ENG Enterprise Software...

7.4AI score
Exploits0
CNVD
CNVD
added 2017/12/13 12:0 a.m.4 views

Microsoft Office Information Disclosure Vulnerability (CNVD-2018-00739)

Microsoft Office is an office software suite of products developed by the American Microsoft Corporation Microsoft. An information disclosure vulnerability exists in Microsoft Office that originates from the program failing to properly enforce copy/paste permissions on DRM-protected emails. An...

6.5CVSS6.2AI score0.06278EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2017/12/12 9:29 p.m.2 views

CVE-2017-11939

Microsoft Office 2016 Click-to-Run C2R allows an information disclosure vulnerability due to the way Microsoft Office enforces DRM copy/paste permissions, aka "Microsoft Office Information Disclosure Vulnerability"...

6.5CVSS5.5AI score0.06278EPSS
Exploits0References4
Prion
Prion
added 2017/12/12 9:29 p.m.19 views

Information disclosure

Microsoft Office 2016 Click-to-Run C2R allows an information disclosure vulnerability due to the way Microsoft Office enforces DRM copy/paste permissions, aka "Microsoft Office Information Disclosure Vulnerability"...

4CVSS6.1AI score0.06278EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/12/12 9:0 p.m.30 views

CVE-2017-11939

Microsoft Office 2016 Click-to-Run C2R allows an information disclosure vulnerability due to the way Microsoft Office enforces DRM copy/paste permissions, aka "Microsoft Office Information Disclosure Vulnerability"...

6.3AI score0.06278EPSS
Exploits0References3
CVE
CVE
added 2017/12/12 9:0 p.m.102 views

CVE-2017-11939

CVE-2017-11939 affects Microsoft Office 2016 (Click-to-Run). The vulnerability is an information-disclosure flaw stemming from DRM copy/paste enforcement, potentially leaking a user’s private data (e.g., private key) from the certificate store or plaintext from DRM-protected emails/drafts. Affect...

6.5CVSS6.3AI score0.06278EPSS
Exploits0References3Affected Software1
Microsoft CVE
Microsoft CVE
added 2017/12/12 8:0 a.m.29 views

Microsoft Office Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft Outlook fails to enforce copy/paste permissions on DRM-protected emails. An attacker who successfully exploited the vulnerability could potentially extract plaintext content from DRM-protected draft emails. The attacker would have to u...

6.5CVSS2.3AI score0.06278EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2017/09/12 7:0 a.m.59 views

Description of the security update for PowerPoint 2016: September 12, 2017

Description of the security update for PowerPoint 2016: September 12, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...

9.3CVSS8AI score0.21319EPSS
Exploits0
Veracode
Veracode
added 2017/06/06 7:49 a.m.28 views

Copy-Paste Vulnerability (CVE) Denial Of Service (DoS)

CryptoppECC contains a copy of the Crypto++ aka cryptopp and libcrypto++ library inside it. The version that it contains is vulnerable to a denial of service DoS attack through the mishandling of the ASN1 encoding. Crypto++ allocates a SecByteBlock of the size that the ASN1 decoder reads as the...

7.5CVSS7.2AI score0.04202EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2017/05/17 7:6 a.m.33 views

Copy-Paste Vulnerability (CPV) Through Libxslt

nokogiri has a copied version of the libxslt library. The copy that nokogiri includes is vulnerable to the following issues: 1. CVE-2016-1683 - Denial of Service DoS via an out-of-bounds heap memory access. This is caused by libxslt mishandling namespace nodes leading to out-of-bounds heap memory...

8.1AI score0.02142EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2016/09/13 7:0 a.m.38 views

Microsoft Office Information Disclosure Vulnerability

An information disclosure vulnerability exists when Microsoft Outlook fails to enforce copy/paste permissions on DRM-protected emails. An attacker who successfully exploited the vulnerability could potentially extract plaintext content from DRM-protected draft emails. The attacker would have to u...

6.5CVSS2.3AI score0.04897EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/03/27 12:0 a.m.46 views

Fedora 20 : nx-libs-3.5.0.29-1.fc20 (2015-3964)

Update to 3.5.0.29 : - further reduction of code size by Mike Gabriel - /.x2go/config/keystrokes.cfg, /etc/x2go/keystrokes.cfg and /etc/nxagent/keystrokes.cfg are now respected thanks to Horst Schirmeier - security fixes for CVE-2011-2895, CVE-2011-4028, CVE-2013-4396, CVE-2013-6462, CVE-2014-020...

9.3CVSS6.9AI score0.10254EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2015/03/23 12:0 a.m.35 views

Fedora 22 : nx-libs-3.5.0.29-1.fc22 (2015-3953)

Update to 3.5.0.29 : - further reduction of code size by Mike Gabriel - /.x2go/config/keystrokes.cfg, /etc/x2go/keystrokes.cfg and /etc/nxagent/keystrokes.cfg are now respected thanks to Horst Schirmeier - security fixes for CVE-2011-2895, CVE-2011-4028, CVE-2013-4396, CVE-2013-6462, CVE-2014-020...

9.3CVSS6.9AI score0.10254EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.26 views

openSUSE Security Update : libreoffice-34 (openSUSE-SU-2011:1143-1)

LibreOffice 3.4 includes new interesting features and fixes, see http://www.libreoffice.org/download/3-4-new-features-and-fix es/ The update fixes the following security issue : - 704311: libreoffice Lotus Word Pro filter multiple vulnerabilities CVE-2011-2685 - 722075: LibreOffice: Out-of-bounds...

9.3CVSS5.5AI score0.07042EPSS
Exploits1References44
CVE
CVE
added 2013/03/28 10:0 a.m.66 views

CVE-2013-0926

CVE-2013-0926 affects Google Chrome prior to 26.0.1410.43. The issue arises when copying and pasting active content in an EMBED element, enabling a user‑assisted remote attacker to trigger an unspecified impact on a crafted site. The provided documents do not specify a confirmed impact or a patch...

6.8CVSS6.1AI score0.0111EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2013/01/29 5:58 a.m.3 views

UBUNTU-CVE-2013-0962

Cross-site scripting XSS vulnerability in WebKit in Apple iOS before 6.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted content that is not properly handled during a copy-and-paste operation...

2.6CVSS5.9AI score0.01097EPSS
Exploits0References4
Prion
Prion
added 2012/02/14 10:55 p.m.17 views

Information disclosure

Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different 1 domain or 2 zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability."...

4.3CVSS6.7AI score0.14099EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder