EUVD-2026-10701

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network...

EUVD-2015-0992

Malware in sbrugna...

Honeywell Excel Web Detection Consolidation

Consolidation of Honeywell Excel Web detections. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include"pluginfeedinfo.inc"; if description...

February 10, 2015 update for SharePoint Server 2013 (KB2920760)

February 10, 2015 update for SharePoint Server 2013 KB2920760 This article describes update KB2920760 for Microsoft SharePoint Server 2013 that was released on February 10, 2015. This update has a prerequisite. Improvements and Fixes Fixes the following issues: Assume that you open an Excel...

February 10, 2015 update for SharePoint Server 2010 Excel Web App (KB2899588)

February 10, 2015 update for SharePoint Server 2010 Excel Web App KB2899588 This article describes update KB2899588 for Microsoft SharePoint Server 2010 Excel Web App that was released on February 10, 2015. This update has a prerequisite. Improvements and Fixes Fixes the following issue: Assume...

February 10, 2015 update for SharePoint Server 2010 (KB2899589)

February 10, 2015 update for SharePoint Server 2010 KB2899589 This article describes update KB2899589 for Microsoft SharePoint Server 2010 that was released on February 10, 2015. This update has a prerequisite. Improvements and Fixes Fixes the following issue: Assume that you open an Excel workbo...

MS15-110: Description of the security update for SharePoint Server 2010 Excel Web App: October 13, 2015

MS15-110: Description of the security update for SharePoint Server 2010 Excel Web App: October 13, 2015 Summary This security update resolves vulnerabilities in Sharepoint. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS15-110. Note To apply this security update, you...

Honeywell MCR Web Controller Cross Site Scripting / Path Disclosure

Honeywell MCR Web Controller Full Path Disclosure & Cross Site Scripting Vendor Homepage: https://www.honeywell.com WebVersion: XL1000C50 EXCEL WEB 52 I/O, XL1000C500 EXCEL WEB 300 I/O, XL1000C100 EXCEL WEB 104 I/O, XL1000C1000 EXCEL WEB 600 I/O, XL1000C50U EXCEL WEB 52 I/O UUKL, XL1000C500U EXCE...

New Actor DarkHydrus Targets Middle East with Open-Source Phishing

Government entities and educational institutions in the Middle East are under attack in an ongoing credential-harvesting campaign, mounted by a newly-named threat group known as DarkHydrus. In a twist on the norm, the group is leveraging the open-source Phishery tool to carry out its dark work. T...

Microsoft Office Web Apps 2013 Service Pack 1 Multiple Vulnerabilities (KB3213562)

This host is missing an important security update according to Microsoft KB3213562 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Description of the security update for SharePoint Server 2010 Excel Web App: April 11, 2017

Description of the security update for SharePoint Server 2010 Excel Web App: April 11, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities,...

Honeywell Excel Web Detection (BACnet)

BACnet based detection of Honeywell Excel Web. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

CVE-2015-6037

Cross-site scripting XSS vulnerability in Microsoft Excel Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, Excel Web App 2010 SP2, Office Web Apps Server 2013 SP1, and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or...

Cross site scripting

Cross-site scripting XSS vulnerability in Microsoft Excel Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, Excel Web App 2010 SP2, Office Web Apps Server 2013 SP1, and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or...

Honeywell Falcon XL Web Controller Directory Traversal Vulnerability - Active Check

Honeywell Falcon XL Web Controller is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2015-0984

Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL controllers before 2.04.01 allows...

Directory traversal

Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL controllers before 2.04.01 allows...

CVE-2015-0984

CVE-2015-0984 affects Honeywell XL Web Controller (multiple XL1000C/X LXL lines) where the FTP server flaw enables directory traversal to read web-root files, potentially granting administrative login access. The ICS-CERT advisory ICSA-15-076-02 confirms remote exploitation via path traversal and...

CVE-2015-0984

Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O UUKL, XL1000C500U 300 I/O UUKL, and XL1000C1000U 600 I/O UUKL controllers before 2.04.01 allows...

MS13-084: Description of the security update for Excel Web App: October 8, 2013

Describes a security update that addresses vulnerabilities by correcting how affected Microsoft software validates data when the software parses specially crafted Office files and by changing the configuration of SharePoint pages to help provide additional protection against clickjacking...