Lucene search
K

100 matches found

Tenable Nessus
Tenable Nessus
added 2024/02/13 12:0 a.m.34 views

Security Updates for Microsoft Word Products (February 2024)

The Microsoft Word Products are missing security updates. They are, therefore, affected by multiple remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has...

7.8CVSS7.8AI score0.01719EPSS
Exploits0References3
NVD
NVD
added 2024/01/15 1:15 p.m.41 views

CVE-2024-20709

Acrobat Reader T5 MSFT Edge versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue...

5.5CVSS5.4AI score0.006EPSS
Exploits0References1
Prion
Prion
added 2024/01/15 1:15 p.m.28 views

Input validation

Acrobat Reader T5 MSFT Edge versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue...

1.9CVSS6.6AI score0.006EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2024/01/15 1:15 p.m.31 views

Input validation

Acrobat Reader T5 MSFT Edge versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue...

1.9CVSS6.6AI score0.0072EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2024/01/15 12:13 p.m.109 views

CVE-2024-20709

CVE-2024-20709 describes an Improper Input Validation in Acrobat Reader T5 (MSFT Edge) affecting versions

5.5CVSS5.4AI score0.006EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2024/01/15 12:13 p.m.42 views

CVE-2024-20721 T5 Acrobat JS vulnerability - Exploitable crash via t5::javascript::get_page_num_words

Acrobat Reader T5 MSFT Edge versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue...

5.5CVSS5.7AI score0.0072EPSS
Exploits0References1
CVE
CVE
added 2024/01/15 12:13 p.m.107 views

CVE-2024-20721

CVE-2024-20721 affects Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier. The root cause is improper input validation. In the described vulnerability, an unauthenticated attacker can cause an application DoS in the context of the current user, with exploitation requiring user inter...

5.5CVSS5.3AI score0.0072EPSS
Exploits0References1Affected Software2
OSV
OSV
added 2023/12/06 5:15 p.m.9 views

AZL-32103 CVE-2023-45285 affecting package msft-golang for versions less than 1.22.3-1.

Using go get to fetch a module with the ".git" suffix may unexpectedly fallback to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module...

7.5CVSS6.8AI score0.01137EPSS
Exploits0References1
OSV
OSV
added 2023/12/05 5:15 p.m.11 views

AZL-32123 CVE-2023-45287 affecting package msft-golang for versions less than 1.20.0-1

Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS1 padding may leak timing...

7.5CVSS6.8AI score0.0125EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.28 views

CVE-2023-24540 affecting package msft-golang for versions less than 1.20.11-1

CVE-2023-24540 affecting package msft-golang for versions less than 1.20.11-1. A patched version of the package is available...

9.8CVSS7.3AI score0.01548EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.25 views

CVE-2023-24536 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-24536 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is available...

7.5CVSS9.2AI score0.01479EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.18 views

CVE-2023-24534 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-24534 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is available...

7.5CVSS9.2AI score0.01888EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.26 views

CVE-2023-29400 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-29400 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is available...

7.3CVSS9AI score0.01037EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.27 views

CVE-2023-24538 affecting package msft-golang for versions less than 1.20.11-1

CVE-2023-24538 affecting package msft-golang for versions less than 1.20.11-1. A patched version of the package is available...

9.8CVSS7.3AI score0.02281EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.36 views

CVE-2023-45283 affecting package msft-golang for versions less than 1.20.11-1

CVE-2023-45283 affecting package msft-golang for versions less than 1.20.11-1. A patched version of the package is available...

7.5CVSS8.3AI score0.02758EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.31 views

CVE-2023-29403 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-29403 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is available...

7.8CVSS7.3AI score0.00432EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.39 views

CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is available...

9.8CVSS9.9AI score0.01728EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.31 views

CVE-2023-24537 affecting package msft-golang for versions less than 1.20.11-1

CVE-2023-24537 affecting package msft-golang for versions less than 1.20.11-1. A patched version of the package is available...

7.5CVSS7.3AI score0.01412EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.28 views

CVE-2023-29409 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-29409 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is available...

5.3CVSS7.2AI score0.01328EPSS
Exploits0
CBLMariner
CBLMariner
added 2023/12/05 4:40 a.m.31 views

CVE-2023-39318 affecting package msft-golang for versions less than 1.20.10-1

CVE-2023-39318 affecting package msft-golang for versions less than 1.20.10-1. A patched version of the package is available...

6.1CVSS7.5AI score0.00815EPSS
Exploits0
Rows per page
Query Builder