8 matches found
CVE-2026-33486
Roadiz is a polymorphic content management system based on a node system that can handle many types of services. A vulnerability in roadiz/documents prior to versions 2.7.9, 2.6.28, 2.5.44, and 2.3.42 allows an authenticated attacker to read any file on the server's local file system that the web...
Linux Distros Unpatched Vulnerability : CVE-2023-26268
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document...
CVE-2019-20801
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code that accesses a user's data via...
USN-5066-2 python-pysaml2 vulnerability
USN-5066-1 fixed a vulnerability in PySAML2. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML documents...
AudimexEE SQL Injection Vulnerability
AudimexEE is a system for audit management from Audimex AG, Germany. The system meets complex audit processes around the company's business, supports customization for use and is deployed platform-independently. A SQL injection vulnerability exists in the Documents component of AudimexEE versions...
Readdle Documents app authorization control vulnerability
Readdle Documents app is a document manager from Readdle Ukraine. The product supports viewing EPUB eBooks, viewing Word and Excel documents and more. A security vulnerability exists in the iOS-based Readdle Documents app prior to version 6.9.7, which stems from the file transfer web server...
DEBIAN-CVE-2018-6871
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function...
Microsoft IE HtmlDlgHelper类内存破坏漏洞(MS10-071)
BUGTRAQ ID: 43706 CVE ID: CVE-2010-3329 Internet Explorer是Windows操作系统中默认捆绑的WEB浏览器。 Windows在实例化Office文档(如.XLS、.DOC)中HtmlDlgHelper类对象(CLASSID: 3050f4e1-98b5-11cf-bb82-00aa00bdce0b)的方式存在内存破坏漏洞。有漏洞的模块是Internet Explorer中的mshtmled.dll,当调用CHtmlDlgHelper类的析构程序之后访问未初始化内存时就会在mshtmled.dll...