GHSA-29W6-C52G-M8JC C5 Firefly III CSV Injection.

Summary CSV injection is a vulnerability where untrusted user input in CSV files can lead to unauthorized access or data manipulation. In my subsequent testing of the application. Details I discovered that there is an option to "Export Data" from the web app to your personal computer, which expor...

Microsoft Excel 365 MSO (Version 2302 Build 16.0.16130.20186) 64-bit - Remote Code Execution (RCE)

Exploit Title: Microsoft Excel 365 MSO Version 2302 Build 16.0.16130.20186 64-bit - Remote Code Execution RCE Exploit Author: nu11secur1ty Date: 03.16.2023 Vendor: https://www.microsoft.com/en-us/microsoft-365/excel Software: https://www.microsoft.com/en-us/microsoft-365/excel Reference:...

Microsoft Excel 2013 Remote Code Execution Vulnerabilities (KB4493176)

This host is missing an important security update according to Microsoft KB4493176 Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Microsoft Office 2010 Service Pack 2 Remote Code Execution Vulnerability (KB4484455)

This host is missing an important security update according to Microsoft KB4484455 Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

CVE-2020-0759

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'...

Security Updates for Microsoft Office Online Server (October 2019)

The Microsoft Office Online Server installation on the remote host is missing a security update. It is, therefore, affected by a remote code execution vulnerability in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the...

Description of the security update for SharePoint Server 2010: October 8, 2019

Description of the security update for SharePoint Server 2010: October 8, 2019 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Excel software when the software fails to correctly handle objects in memory. To learn more about the vulnerability,...

Description of the security update for SharePoint Enterprise Server 2013: October 8, 2019

Description of the security update for SharePoint Enterprise Server 2013: October 8, 2019 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Excel software when the software fails to correctly handle objects in memory. To learn more about the...

Description of the security update for Office 2013: July 9, 2019

Description of the security update for Office 2013: July 9, 2019 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Excel software if the software does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft...

Security Update for Microsoft Office (April 2018) (macOS)

The Microsoft Office 2016 application installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by a remote code execution vulnerability in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who...

Security Updates for Microsoft Office Compatibility Products (April 2018)

The Microsoft Office Compatibility Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when Office renders Rich Text Format RTF email messages containing OLE objects when a message is opened or previewed...