Lucene search
K

38 matches found

RedhatCVE
RedhatCVE
added 2026/01/21 12:30 a.m.26 views

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

9.8CVSS6AI score0.00492EPSS
Exploits1References1
OSV
OSV
added 2026/01/20 6:31 p.m.5 views

GHSA-7JC7-G598-2P64 XDocReport affected by an XML External Entity (XXE) vulnerability

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

9.8CVSS6.2AI score0.00492EPSS
Exploits1References7
Packet Storm News
Packet Storm News
added 2026/01/18 12:0 a.m.6 views

TrojanPraise: Jailbreak LLMs Via Benign Fine-Tuning

The demand of customized large language models LLMs has led to commercial LLMs offering black-box fine-tuning APIs, yet this convenience introduces a critical security loophole: attackers could jailbreak the LLMs by fine-tuning them with malicious data. Though this security issue has recently bee...

5.5AI score
Exploits0
CNNVD
CNNVD
added 2023/09/26 12:0 a.m.13 views

Hancom Office Resource Management Error Vulnerability

Hancom Office is a mobile office program from the Korean company Hancom. The program supports viewing and editing documents in multiple formats. A resource management error vulnerability exists in Hancom Office version 2020 HWord 11.0.0.7520, which stems from a security issue in the footer...

8.8CVSS6.7AI score0.00655EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/05/29 12:0 a.m.8 views

The vulnerability of the PDF document viewing program Foxit PDF Reader (formerly Foxit Reader) and the PDF file editing program Foxit PDF Editor (formerly Foxit PhantomPDF) lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of the PDF document viewing program Foxit PDF Reader formerly Foxit Reader and the PDF file editing program Foxit PDF Editor formerly Foxit PhantomPDF is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.6AI score0.00538EPSS
Exploits0References5Affected Software2
SUSE CVE
SUSE CVE
added 2023/02/15 6:15 a.m.3 views

SUSE CVE-2006-2197

Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document...

6.5CVSS8AI score0.02523EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.4 views

SUSE CVE-2009-0201

Heap-based buffer overflow in OpenOffice.org OOo before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to "table parsing."...

9.3CVSS8.3AI score0.06722EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:57 a.m.4 views

SUSE CVE-2010-3453

The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service...

9.3CVSS8AI score0.09672EPSS
Exploits0References6
CNVD
CNVD
added 2020/04/16 12:0 a.m.3 views

Ascensio System ONLYOFFICE Document Server Input Validation Error Vulnerability

Ascensio System ONLYOFFICE Document Server is an online office collaboration suite from Ascensio System, Latvia. The product supports viewing and editing of text, spreadsheets and presentations, among others. An input validation error vulnerability exists in Ascensio System ONLYOFFICE Document...

9.8CVSS7.3AI score0.02236EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2020/04/13 4:8 a.m.15 views

MS14-081: Description of the security update for Word 2013: December 9, 2014

Resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file in an affected version of Office.IntroductionThis security update resolves vulnerabilities in Microsoft Office that could...

0.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/06/22 12:0 a.m.5 views

The vulnerability of the Microsoft Office software arises from an operation that goes beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Microsoft Office package arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted DOCX file...

9.3CVSS6.2AI score0.23069EPSS
Exploits0References4
OSV
OSV
added 2018/04/16 9:58 a.m.2 views

DEBIAN-CVE-2018-10120

The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service heap-based buffer overflow with write access or possibly have unspecifie...

7.8CVSS7.8AI score0.02134EPSS
Exploits0References1
OSV
OSV
added 2018/04/16 12:0 a.m.4 views

UBUNTU-CVE-2018-10120

The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service heap-based buffer overflow with write access or possibly have unspecifie...

7.8CVSS7.5AI score0.02134EPSS
Exploits0References7
CNVD
CNVD
added 2015/03/12 12:0 a.m.2 views

Microsoft Word Line Formatting Denial of Service Vulnerability

Microsoft Word is an office word processing system developed by Microsoft. webGate is an APM solution for real-time monitoring and performance management of business-critical systems based on J2EE architecture. A security vulnerability in Microsoft Word line formatting allows an attacker to...

6.8AI score
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2014/03/03 12:0 a.m.13 views

Microsoft Word PlfLfo Structure Memory Corruption (MS08-072) - Ver2 (CVE-2008-4024)

Microsoft Word is a popular word processing software. A remote code execution vulnerability has been identified in Microsoft Word. The vulnerability is due to a memory corruption error in Microsoft Word that fails to properly handle specially crafted Word files. A remote attacker could trigger th...

9.3CVSS7.3AI score0.28876EPSS
Exploits0
NVD
NVD
added 2014/01/24 3:8 p.m.29 views

CVE-2014-1252

Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Microsoft Word file...

7.5CVSS7.5AI score0.04165EPSS
Exploits0References9
NVD
NVD
added 2012/10/09 9:55 p.m.23 views

CVE-2012-2550

Microsoft Works 9 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via a crafted Word .doc file, aka "Works Heap Vulnerability."...

9.3CVSS7.6AI score0.22166EPSS
Exploits0References5
Cvelist
Cvelist
added 2012/10/09 9:0 p.m.24 views

CVE-2012-2550

Microsoft Works 9 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via a crafted Word .doc file, aka "Works Heap Vulnerability."...

7.6AI score0.22166EPSS
Exploits0References5
Check Point Advisories
Check Point Advisories
added 2011/12/13 12:0 a.m.10 views

Microsoft Word Access Violation Code Execution (MS11-099; CVE-2011-1983)

A remote code execution vulnerability has been reported in Microsoft Word. The vulnerability is due to an error in the way Microsoft Word handles objects in memory. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted Word file with an affected version...

9.3CVSS6.9AI score0.22724EPSS
Exploits1
Prion
Prion
added 2011/10/14 10:55 a.m.27 views

Buffer overflow

Buffer overflow in OfficeImport in Apple iOS before 5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Microsoft Word document...

6.8CVSS8.1AI score0.03353EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder