Lucene search
K

72 matches found

CNVD
CNVD
added 2021/03/02 12:0 a.m.7 views

ONLYOFFICE Document Server File Extension Handling Vulnerability (CNVD-2021-17247)

ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. A file extension handling vulnerability exists in the ONLYOFFICE DocumentServer core module, which can be exploited by an attacker to remotely execute...

9.8CVSS7.1AI score0.11763EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/03/01 12:0 a.m.5 views

Dockerhub Document Server 安全漏洞

ONLYOFFICE Document Server is a free collaborative online office suite that includes viewers and editors for text, spreadsheets and presentations. A file extension handling vulnerability exists in the ONLYOFFICE DocumentServer core module, which can be exploited by an attacker to remotely execute...

9.8CVSS8.6AI score0.11763EPSS
Exploits1References6
OSV
OSV
added 2021/02/19 2:15 p.m.3 views

CVE-2021-3204

SSRF in the document conversion component of Webware Webdesktop 5.1.15 allows an attacker to read all files from the server...

6.5CVSS6.6AI score0.00914EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/02/05 12:0 a.m.7 views

Modesty pdfjson buffer error vulnerability

Modesty Pdf2json is Modesty individual developers of a Java-based PDF files can interact with Json files code library. A buffer error vulnerability exists in pdf2json 0.69, which stems from a buffer overflow that allows a local user to execute arbitrary code by converting a carefully crafted PDF...

7.8CVSS7.7AI score0.00536EPSS
Exploits1References3
CNVD
CNVD
added 2021/01/27 12:0 a.m.4 views

Zhuhai Kingsoft Office Software Co., Ltd. Kingsoft PDF suffers from dll hijacking vulnerability

Kingsoft PDF is a powerful and easy-to-use PDF editor. Support one-click editing, quickly modify the content of PDF documents, and support PDF documents and docx/pptx/excel/txt/pictures and other document formats conversion. Ltd. Kingsoft PDF dll hijacking vulnerability, attackers can use the...

7.2AI score
Exploits0
Fedora
Fedora
added 2020/09/29 12:17 a.m.17 views

[SECURITY] Fedora 33 Update: pandoc-2.9.2.1-8.fc33

Pandoc is a Haskell library for converting from one markup format to anothe r, and a command-line tool that uses this library. It can read several dialect s of Markdown and subsets of HTML, reStructuredText, LaTeX, DocBook, JATS, MediaWiki markup, DokuWiki markup, TWiki markup, TikiWiki markup,...

6.5CVSS6.4AI score0.01566EPSS
Exploits0
Fedora
Fedora
added 2019/11/18 10:48 p.m.35 views

[SECURITY] Fedora 31 Update: ghostscript-9.27-2.fc31

This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript PS and Portable Document Format PDF page description...

8.8CVSS1.9AI score0.03434EPSS
Exploits0
CVE
CVE
added 2019/10/31 8:9 p.m.116 views

CVE-2019-5030

The CVE-2019-5030 issue affects Antenna House Rainbow PDF Office Server Document Converter (V7.0 Pro MR1, 7.0.2019.0220). The root cause is a bounds-check flaw in TxMasterStyleAtom::parse during DocumentTextInfoContainer parsing: cLevels is not reliably limited to 0x0005, allowing index to exceed...

8.8CVSS9AI score0.02866EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/10/31 8:9 p.m.32 views

CVE-2019-5030

A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro MR1 7,0,2019,0220. While parsing a document text info container, the TxMasterStyleAtom::parse function is incorrectly checking the bounds corresponding to...

8.8CVSS9.1AI score0.02866EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2019/10/01 12:0 a.m.26 views

Fedora Update for ghostscript FEDORA-2019-ebd6c4f15a

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.4AI score0.43901EPSS
Exploits4References2
Fedora
Fedora
added 2019/09/28 1:56 a.m.35 views

[SECURITY] Fedora 29 Update: ghostscript-9.27-1.fc29

This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript PS and Portable Document Format PDF page description...

9.8CVSS1.9AI score0.43901EPSS
Exploits4
Fedora
Fedora
added 2019/09/25 1:9 a.m.30 views

[SECURITY] Fedora 30 Update: ghostscript-9.27-1.fc30

This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript PS and Portable Document Format PDF page description...

9.8CVSS1.9AI score0.43901EPSS
Exploits4
Talos
Talos
added 2019/05/14 12:0 a.m.85 views

Antenna House Rainbow PDF Office server document converter TxMasterStyleAtom parsing code execution vulnerability

Summary A buffer overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro MR1 7,0,2019,0220. While parsing a document text info container, the TxMasterStyleAtom::parse function is incorrectly checking the bounds...

8.8CVSS8.9AI score0.02866EPSS
Exploits1
CNVD
CNVD
added 2018/10/17 12:0 a.m.3 views

Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-22408)

Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Foxit Software Corporation.Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the conversion of HTML files to PDF in Foxit Reader 9.2.0.9297 and earlier versions a...

8.8CVSS8.7AI score0.03855EPSS
Exploits0References1
Prion
Prion
added 2018/07/11 4:29 p.m.19 views

Heap overflow

An exploitable heap corruption exists in the PowerPoint document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted PowerPoint PPT document can lead to heap corruption, resulting in remote code execution...

6.8CVSS8.1AI score0.02489EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/07/11 4:29 p.m.25 views

CVE-2018-3933

An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted Microsoft Word DOC document can lead to an out-of-bounds write, resulting in remote cod...

8.8CVSS9AI score0.02052EPSS
Exploits1References1
NVD
NVD
added 2018/07/11 4:29 p.m.24 views

CVE-2018-3929

An exploitable heap corruption exists in the PowerPoint document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted PowerPoint PPT document can lead to heap corruption, resulting in remote code execution...

8.8CVSS8.4AI score0.02489EPSS
Exploits1References1
CVE
CVE
added 2018/07/11 4:0 p.m.53 views

CVE-2018-3929

The CVE-2018-3929 entry concerns Antenna House Office Server Document Converter on Linux64, version 6.1 Pro MR2. A vulnerability in the PowerPoint (.ppt) document conversion path can cause heap corruption, enabling remote code execution when processing a specially crafted PPT file. The issue is t...

8.8CVSS8.1AI score0.02489EPSS
Exploits1References1Affected Software1
Talos
Talos
added 2018/07/10 12:0 a.m.47 views

Antenna House Office Server Document Converter putShapeProperty Code Execution Vulnerability

Summary An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted Microsoft Word DOC document can lead to an out-of-bounds write, resulting in...

8.8CVSS8.2AI score0.02489EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 1:7 p.m.19 views

Security Bulletin: Weakness in generated service credentials affects multiple Watson Developer Cloud services (CVE-2016-0391)

Summary A weakness in generated service credentials that affects multiple Watson Developer Cloud offered through IBM Bluemix has been identified and fixed. Replacement of previously generated credentials is recommended. Vulnerability Details CVEID: CVE-2016-0391 DESCRIPTION: Multiple Watson...

9.8CVSS0.5AI score0.01348EPSS
Exploits0Affected Software1
Rows per page
Query Builder