24 matches found
EUVD-2018-15826
Malware in sbrugna...
EUVD-2017-16406
Malware in sbrugna...
EUVD-2008-4215
Malware in sbrugna...
EUVD-2011-0502
Malware in sbrugna...
EUVD-2008-4216
Malware in sbrugna...
EUVD-2021-29578
Malicious code in bioql PyPI...
EUVD-2025-25292
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-17469
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect handling of PDF filter chains in PDFium in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory read via a...
CVE-2019-13176
An issue was discovered in the 3CX Phone system web management console 12.5.44178.1002 through 12.5 SP2. The Content.MainForm.wgx component is affected by XXE via a crafted XML document in POST data. There is potential to use this for SSRF reading local files, outbound HTTP, and outbound DNS...
CVE-2021-25635 Content Manipulation with Certificate Validation Attack
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid or unknown to LibreOffice algorithm and LibreOffice would incorrectly present...
Linux Distros Unpatched Vulnerability : CVE-2016-4658
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xpointer.c in libxml2 before 2.9.5 as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products does not forbid...
CVE-2023-31488
Hyland Perceptive Filters releases before 2023-12-08 e.g., 11.4.0.2647, as used in Cisco IronPort Email Security Appliance Software, Cisco Secure Email Gateway, and various non-Cisco products, allow attackers to trigger a segmentation fault and execute arbitrary code via a crafted document...
DEBIAN-CVE-2023-34872
A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service DoS crash via a crafted PDF file in OutlineItem::open...
SUSE CVE-2018-6871
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function...
CVE-2020-27248
A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0003 and 0x0014, an attacker can...
CVE-2020-24432
Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier and 2017.011.30175 and earlier and Adobe Acrobat Pro DC 2017.011.30175 and earlier are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the...
CVE-2020-1012
An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. There are multiple ways an attacker could exploit the vulnerability: In a web-based atta...
CVE-2015-9541
Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564...
Updated GravityRAT Malware Adds Advanced AV Detection
Researchers tracking the evolution of the remote access trojan GravityRAT warn that developers behind the malware have made key changes to the RAT’s code in an attempt to decrease antivirus detection. “We’ve seen file exfiltration, remote command execution capability and anti-vm techniques added...
Heap overflow
An exploitable heap corruption vulnerability exists in the DocGetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious doc file to trigger this vulnerability...