19 matches found
EUVD-2019-0620
Malware in sbrugna...
EUVD-2018-14256
Malware in sbrugna...
EUVD-2021-0663
Malware in sbrugna...
EUVD-2019-1041
Malware in sbrugna...
EUVD-2025-11554
Malicious code in bioql PyPI...
EUVD-2022-2742
Malicious code in bioql PyPI...
CVE-2025-32415
CVE-2025-32415 affects libxml2: vulnerable in versions prior to 2.13.8 and 2.14.x prior to 2.14.2. The root cause is a heap-based buffer under-read in xmlSchemaIDCFillNodeTables (xmlschemas.c) that can be triggered by validating a crafted XML against a specific identity-constrained XML schema or ...
CVE-2024-42374
BEx Web Java Runtime Export Web Service does not sufficiently validate an XML document accepted from an untrusted source. An attacker can retrieve information from the SAP ADS system and exhaust the number of XMLForm service which makes the SAP ADS rendering PDF creation unavailable. This affects...
CVE-2023-0950
CVE-2023-0950 relates to an Improper Validation of Array Index vulnerability in the LibreOffice spreadsheet component (Calc formula parsing). The issue occurs when loading malformed spreadsheet formulas (for example, AGGREGATE) that pass fewer parameters than expected, triggering an array index u...
EUVD-2022-32667
When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS...
OPENSUSE-SU-2022:0886-1 Security update for libreoffice
This update for libreoffice fixes the following issues: Update to version 7.2.5.1 jscSLE-18214: - CVE-2021-25636: Fixed an incorrect vadidation of digitally signed documents bsc1196456...
CVE-2021-27617
The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document uploaded from local source. An attacker can craft a malicious XML which when uploaded and parsed by the application, could lead to...
Design/Logic Flaw
The Integration Builder Framework of SAP Process Integration versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document uploaded from local source. An attacker can craft a malicious XML which when uploaded and parsed by the application, could lead to...
Ubuntu: Security Advisory (USN-4619-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-9851 LibreLogo global-event script execution
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document event script handers...
Microsoft Edge Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists in Microsoft Edge when the Edge Content Security Policy CSP fails to properly validate certain specially crafted documents. An attacker who exploited the bypass could trick a user into loading a page containing malicious content. To exploit the bypas...
MS16-035: Description of the security update for the .NET Framework 4.6 and 4.6.1 in Windows Server 2012: March 8, 2016
MS16-035: Description of the security update for the .NET Framework 4.6 and 4.6.1 in Windows Server 2012: March 8, 2016 November 8, 2016 A detection change was made to account for the .NET Framework 4.6.1 hotfix rollup for customers who were not being correctly offered this security update for th...
MS16-035: Description of the security update for the .NET Framework 3.5 in Windows Server 2012: March 8, 2016
MS16-035: Description of the security update for the .NET Framework 3.5 in Windows Server 2012: March 8, 2016 View products that this article applies to. Summary This update resolves a vulnerability in the Microsoft .NET Framework. The security feature bypass exists in a .NET Framework component...
MS16-035: Description of the security update for the .NET Framework 4.6 and 4.6.1 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: March 8, 2016
MS16-035: Description of the security update for the .NET Framework 4.6 and 4.6.1 in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2: March 8, 2016 November 8, 2016 A detection change was made to account for the .NET Framework 4.6.1 hotfix rollup for customers who were not being correctly...