Lucene search
+L

13 matches found

NVD
NVD
added 2021/02/10 10:15 p.m.26 views

CVE-2020-27250

In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 Revision 1014, a specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-base...

8.8CVSS0.00949EPSS
Exploits1References1
NVD
NVD
added 2021/02/04 7:15 a.m.26 views

CVE-2020-13579

An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation...

8.8CVSS0.72559EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/02/04 6:9 a.m.28 views

CVE-2020-13579

An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation...

8.8CVSS8AI score0.72559EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2020/08/09 12:0 a.m.3 views

PT-2020-3975 · Microsoft · Edge +2

Name of the Vulnerable Software and Affected Versions: Windows Text Service Module affected versions not specified Description: A remote code execution issue exists due to improper memory handling by the Windows Text Service Module, allowing an attacker to gain execution on a victim system. This...

7.6CVSS7.9AI score0.03264EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2020/06/09 7:0 a.m.34 views

Microsoft Browser Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the...

7.6CVSS3.9AI score0.19057EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/02/12 12:0 a.m.44 views

Security Updates for Microsoft Office Products (February 2020) (macOS)

The Microsoft Office application installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by a remote code execution vulnerability due to Microsoft Excel improperly handling objects in memory. An attacker who successfully exploited the vulnerability...

9.3CVSS8.8AI score0.15168EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2019/02/12 8:0 a.m.35 views

Microsoft Browser Spoofing Vulnerability

A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website could either spoof content or serve a...

4.3CVSS2.3AI score0.02786EPSS
Exploits0
Talos Blog
Talos Blog
added 2018/07/31 9:38 a.m.1162 views

Multiple Cobalt Personality Disorder

Introduction Despite the notion that modern cybersecurity protocols have stopped email-based attacks, email continues to be one of the primary attack vectors for malicious actors — both for widespread and targeted operations. Recently, Cisco Talos has observed numerous email-based attacks that ar...

9.3CVSS0.99945EPSS
Exploits79
Check Point Advisories
Check Point Advisories
added 2017/10/16 12:0 a.m.35 views

Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11799)

A Memory Corruption Vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine in Edge renders when handling objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...

7.6CVSS7.2AI score0.63675EPSS
Exploits3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

APC PowerChute Network Shutdown HTTP Response Splitting and Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/33924/info APC PowerChute Network Shutdown is prone to an HTTP-response-splitting vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/06/10 12:0 a.m.35 views

Microsoft Internet Explorer Memory Corruption (MS14-035: CVE-2014-1785)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.30292EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2012/01/12 12:0 a.m.4 views

Nullsoft Winamp Advanced Module Format File Buffer Overflow

A remote code execution vulnerability has been reported in Nullsoft Winamp. The vulnerability is caused due to a heap buffer overflow while handling specially crafted Advanced Module Format .amf files. A remote attacker may trigger this vulnerability by enticing a user to open a specially crafted...

3.9AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2005/11/13 12:0 a.m.33 views

Lynx: Arbitrary command execution

Background Lynx is a fully-featured WWW client for users running cursor-addressable, character-cell display devices such as vt100 terminals and terminal emulators. Description iDefense labs discovered a problem within the feature to execute local cgi-bin programs via the "lynxcgi:" URI handler. D...

7.5CVSS7.1AI score0.04923EPSS
Exploits0
Rows per page
Query Builder