CVE-2025-12384 Document Embedder – Embed PDFs, Word, Excel, and Other Files <= 2.0.0 - Missing Authorization to Unauthenticated Document Manipulation

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to unauthorized access/modification/loss of data in all versions up to, and including, 2.0.0. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...

CVE-2025-12384 Document Embedder – Embed PDFs, Word, Excel, and Other Files <= 2.0.0 - Missing Authorization to Unauthenticated Document Manipulation

The Document Embedder – Embed PDFs, Word, Excel, and Other Files plugin for WordPress is vulnerable to unauthorized access/modification/loss of data in all versions up to, and including, 2.0.0. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...

EUVD-2018-6222

Malware in sbrugna...

EUVD-2018-6228

Malware in sbrugna...

EUVD-2021-20553

Malware in sbrugna...

EUVD-2013-0588

Malware in sbrugna...

EUVD-2018-12162

Malware in sbrugna...

EUVD-2023-0954

Malicious code in bioql PyPI...

EUVD-2021-28833

Malicious code in bioql PyPI...

CVE-2023-26470

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It's possible to make the farm unusable by adding an object to a page with a huge number e.g. 67108863. Most of the time this will fill the memory allocated to XWiki and make it unusable every...

CVE-2021-41832

It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory...

jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods

A flaw was found in jQuery. HTML containing \ elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity...

PT-2023-20639 · Ox Software Gmbh +1 · Ox App Suite +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns a widget that allows specifying a product description, which is taken from a user-controllable source and added to the DOM without...

CVE-2021-25636

A improper certificate validation flaw was found in LibreOffice allowing an attacker to manipulate a digitally signed ODF document to appear that no alteration of the document occurred since the last signing and that the signature is valid...

Apache OpenOffice Data Forgery Problem Vulnerability (CNVD-2021-84242)

Apache OpenOffice is an open source office software suite from the U.S. Apache Apache Foundation. The suite contains text documents , spreadsheets , presentations , drawings , databases and so on. Versions of Apache OpenOffice prior to 4.1.10 contain a data forgery issue vulnerability that can be...

CVE-2021-41832

CVE-2021-41832 concerns Apache OpenOffice data forgery via signature manipulation. The issue allows an attacker to cause a document to appear signed by a trusted source, affecting all OpenOffice versions up to 4.1.10. The advised remediation is to upgrade to OpenOffice 4.1.11. While several relat...

CVE-2021-41830

CVE-2021-41830 describes an imbalance in trust validation where an attacker can manipulate signed documents and macros to appear from a trusted source, affecting Apache OpenOffice up to 4.1.10. The initial advisory recommends updating to OpenOffice 4.1.11. Connected documents discuss related Libr...

Microsoft Internet Explorer CTSF3CandidateMessage Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

VMware Workstation Shader Bytecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

[SECURITY] Fedora 31 Update: pdfbox-2.0.16-1.fc31

Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...