Lucene search
K

110 matches found

OSV
OSV
added 2022/05/23 10:20 p.m.5 views

USN-5438-1 htmldoc vulnerability

It was discovered that HTMLDOC did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted HTML file, a remote attacker could possibly use this issue to cause HTMLDOC to crash, resulting in a denial of service, or possibly execute arbitrary...

10CVSS7.4AI score0.03291EPSS
Exploits1References2
OSV
OSV
added 2022/03/07 11:3 a.m.2 views

OESA-2022-1560 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting...

9.9CVSS7.6AI score0.83913EPSS
Exploits0References2
OSV
OSV
added 2022/02/24 3:15 p.m.5 views

CVE-2021-25636

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to...

7.5CVSS7.5AI score0.00965EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/09/14 12:0 a.m.4 views

libsixel缓冲区错误漏洞

libsixel is a package that provides encoding/decoding implementations for DEC SIXEL graphics and other converter programs. libsixel suffers from an invalid read vulnerability that can be exploited by attackers to cause a denial of service DOS via a specially crafted PSD file...

6.5CVSS7.3AI score0.01338EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2021/06/18 12:0 a.m.6 views

The vulnerability of the Apache OpenOffice office software, related to errors in processing hypertext links, allows a hacker to execute arbitrary code.

The vulnerability of the Apache OpenOffice office software is related to errors in processing hypertext links. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted link within a document...

10CVSS8.3AI score0.04942EPSS
Exploits0References8Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/02 12:0 a.m.4 views

The vulnerability of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Acrobat Reader Document Cloud lies in the possibility of out-of-buffer operations in memory, allowing attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Acrobat Reader Document Cloud lies in the execution of operations beyond the buffer limits in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS8.5AI score0.25265EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/03/18 12:0 a.m.4 views

SeedDMS 跨站请求伪造漏洞

SeedDMS is a free document management system with an easy-to-use web-based user interface. A cross-site request forgery vulnerability exists in out.EditDocument.php in SeedDMS 5.1.. An attacker can exploit this vulnerability to edit a victim's document...

4.3CVSS5.5AI score0.00497EPSS
Exploits1References3
OSV
OSV
added 2021/01/18 2:21 p.m.8 views

USN-4696-1 htmldoc vulnerability

It was discovered that HTMLDOC incorrectly handled certain HTML files. An attacker could possibly use this issue to cause a denial of service...

7.8CVSS7.1AI score0.01135EPSS
Exploits1References2
CNVD
CNVD
added 2020/09/30 12:0 a.m.2 views

Foxit PhantomPDF Remote Code Execution Vulnerability (CNVD-2020-62459)

PhantomPDF is a Chinese Foxit Foxit company for enterprise-level users of PDF document processing software. A remote code execution vulnerability exists in Foxit PhantomPDF's handling of U3D objects embedded in PDF files. The vulnerability stems from improper validation of user-supplied data. An...

7.8CVSS8.1AI score0.04002EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/06/22 12:0 a.m.6 views

The vulnerability of the ww8par2.cxx filter in the OpenOffice office suite allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the ww8par2.cxx filter in the OpenOffice office suite is related to an error in the sprmTSetBrc property modifier in documents. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures...

9.9CVSS5.5AI score0.1173EPSS
Exploits0References5Affected Software5
Cvelist
Cvelist
added 2019/12/02 3:1 a.m.37 views

CVE-2019-19496

Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document...

5.2AI score0.00602EPSS
Exploits1References2
Cvelist
Cvelist
added 2019/10/31 8:32 p.m.41 views

CVE-2018-3983

An exploitable uninitialized pointer vulnerability exists in the Word document parser of the the Atlantis Word Processor. A specially crafted document can cause an array fetch to return an uninitialized pointer and then performs some arithmetic before writing a value to the result. Usage of this...

8.8CVSS7.7AI score0.01458EPSS
Exploits1References1
OSV
OSV
added 2019/09/24 8:24 a.m.2 views

USN-4138-1 libreoffice vulnerability

It was discovered that LibreOffice incorrectly handled embedded scripts in document files. If a user were tricked into opening a specially crafted document, a remote attacker could possibly execute arbitrary code...

7.8CVSS7.4AI score0.0193EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/02/26 12:0 a.m.7 views

PT-2019-19432 · Podofo +2 · Podofo +2

Name of the Vulnerable Software and Affected Versions: PoDoFo version 0.9.6 Description: The issue is related to a NULL pointer dereference in the setSource function, which can be triggered by sending a crafted PDF file. This can cause a Denial of Service Segmentation fault or possibly have other...

9.8CVSS7.2AI score0.02618EPSS
Exploits9References82
CNVD
CNVD
added 2019/01/09 12:0 a.m.3 views

Microsoft XmlDocument Class Privilege Vulnerability

Microsoft Windows 10, etc. are a series of operating systems released by Microsoft Corporation in the U.S. The XmlDocument class is one of the classes used to load XML into the document object model. An elevation vulnerability exists in the Microsoft XmlDocument class that can be exploited by a...

7.8CVSS8.6AI score0.0243EPSS
Exploits2References1
CNVD
CNVD
added 2018/10/12 12:0 a.m.4 views

Adobe Acrobat and Reader Arbitrary Code Execution Vulnerability (CNVD-2018-21100)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat and Reader security vulnerabilities exist. Remote attackers can exploit the...

9.3CVSS7.8AI score0.13459EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/12 12:0 a.m.2 views

Adobe Acrobat and Reader Heap Overflow Vulnerability (CNVD-2019-05311)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat and Reader in the existence of a heap overflow vulnerability. A remote...

7.8CVSS7.7AI score0.10855EPSS
Exploits0References1
CNVD
CNVD
added 2018/09/19 12:0 a.m.3 views

Iceni Argus Buffer Overflow Vulnerability

Iceni Argus is the British Iceni company's set of PDF document type conversion tool. Iceni Argus 6.6.05 version of the 'ipStringCreate' function there is a heap buffer overflow vulnerability, an attacker can send specially crafted pdf files to exploit the vulnerability caused by heap corruption,...

8.8CVSS8.6AI score0.01044EPSS
Exploits2References1
CNVD
CNVD
added 2018/01/30 12:0 a.m.2 views

Polaris office 2017 suffers from a denial of service vulnerability (CNVD-2018-02908)

Polaris Office is an office software developed by INFRAWARE, a South Korean company. You can view and edit Word documents, Excel tables, Microsoft Office PowerPoint slides and other commonly used office documents. A denial of service vulnerability exists in the Polaris office 2017 executable...

6.7AI score
Exploits0
CNVD
CNVD
added 2017/10/27 12:0 a.m.3 views

Apache OpenOffice DOC File Parsing Remote Code Execution Vulnerability

Apache OpenOffice is open and free word processing software. The OpenOffice Writer DOC file parser and WW8Fonts constructor handles DOC file vulnerabilities, allowing remote attackers to exploit the vulnerability by submitting a special file and tricking the user into parsing it, which can crash...

7.8CVSS7.6AI score0.01805EPSS
Exploits1References1
Rows per page
Query Builder