Lucene search
K

126 matches found

CNNVD
CNNVD
added 2022/08/03 12:0 a.m.4 views

ESTsoft Alyac 输入验证错误漏洞

ESTsoft Alyac is a low-priced comprehensive security software from the Korean company ESTsoft. A security vulnerability exists in ESTsoft Alyac 2.5.8.544, which is caused by an integer overflow in the way an OLE file is parsed, and can be exploited by an attacker to execute arbitrary code...

7.8CVSS7.1AI score0.00455EPSS
Exploits1References3
Microsoft KB
Microsoft KB
added 2022/07/05 12:0 a.m.4 views

July 5, 2022, update for Office 2016 (KB5002226)

July 5, 2022, update for Office 2016 KB5002226 This article describes update 5002226 for Microsoft Office 2016 that was released on July 5, 2022.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to Offi...

6.4AI score
Exploits0
CISA KEV Catalog
CISA KEV Catalog
added 2022/03/03 12:0 a.m.15 views

Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability

A vulnerability exists in Windows Object Linking & Embedding OLE that could allow remote code execution if a user opens a file that contains a specially crafted OLE object...

9.3CVSS7.1AI score0.81628EPSS
In wildExploits22
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.5 views

Vulnerability of Windows operating systems, related to errors in code generation, allows a hacker to execute arbitrary code.

The vulnerability of Windows operating systems is related to errors in code generation control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created file containing a malicious OLE object...

9.3CVSS8AI score0.77553EPSS
Exploits11References10
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.4 views

TechSmith Snagit 安全漏洞

Techsmith TechSmith SnagIT is a set of screen capture software from Techsmith USA. The software is mainly used to take screenshots and record videos on the screen. A security vulnerability exists in TechSmith Snagit that stems from TechSmith Snagit's use of Object Linking and Embedding OLE, which...

8.8CVSS8AI score0.00391EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2021/07/26 12:0 a.m.4 views

PT-2021-10148

Name of the Vulnerable Software and Affected Versions: TechSmith Snagit version 19.1.0.2653 Description: The issue allows attackers to obfuscate and embed crafted files used to escalate privileges by utilizing Object Linking and Embedding OLE. Recommendations: For TechSmith Snagit version...

8.8CVSS7.9AI score0.00391EPSS
Exploits1References10
BDU FSTEC
BDU FSTEC
added 2019/12/17 12:0 a.m.3 views

Vulnerability of the Windows OLE operating system component, allowing a hacker to execute arbitrary code

The vulnerability of the Windows OLE operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.8CVSS7.6AI score0.08859EPSS
Exploits0References4
CNVD
CNVD
added 2019/12/11 12:0 a.m.2 views

Microsoft Windows and Microsoft Windows Server OLE Remote Code Execution Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems.OLE is a technology that allows applications to share data and...

7.8CVSS8AI score0.08859EPSS
Exploits0References1
OSV
OSV
added 2019/12/10 10:15 p.m.2 views

CVE-2019-1484

A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'...

7.8CVSS7.7AI score0.08859EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/06/06 12:0 a.m.6 views

The vulnerability of the OLE component of the Windows operating system, related to insufficient validation of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the OLE component in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

9.3CVSS7.8AI score0.14351EPSS
Exploits0References3
OSV
OSV
added 2019/04/08 12:57 p.m.4 views

USN-3940-1 clamav vulnerabilities

It was discovered that ClamAV incorrectly handled scanning certain PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2019-1787 It was discovered that ClamAV incorrectly handled scanning certain OLE2 files. A remote...

7.5CVSS6AI score0.01839EPSS
Exploits2References4
OSV
OSV
added 2017/04/12 2:59 p.m.2 views

CVE-2017-0211

An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka "Windows OLE Elevation of Privilege Vulnerability."...

5.5CVSS7.3AI score0.13975EPSS
Exploits1References4
CNVD
CNVD
added 2017/04/12 12:0 a.m.6 views

Microsoft Office Word OLE Object Code Execution Vulnerability

Microsoft Office is a popular office software suite developed by Microsoft. A code execution vulnerability exists in the Microsoft Office Word OLE object, which can be exploited by an attacker to obtain permission to remotely execute arbitrary code, covertly install a variety of malware, and infe...

9.3CVSS7.8AI score0.99933EPSS
Exploits29References1
Positive Technologies
Positive Technologies
added 2017/01/06 12:0 a.m.4 views

PT-2017-2447 · Ruby · Ruby

Name of the Vulnerable Software and Affected Versions: Ruby affected versions not specified Description: The issue is related to type confusion in the WIN32OLE class of Ruby, specifically in the ole invoke and ole query interface methods. This occurs when an attacker passes a different type of...

9.8CVSS8.1AI score0.03291EPSS
Exploits2References6
OSV
OSV
added 2016/09/14 10:59 a.m.4 views

CVE-2016-3375

The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote attackers to...

7.5CVSS6.1AI score0.17016EPSS
Exploits0References4
OSV
OSV
added 2016/06/16 1:59 a.m.1 views

CVE-2016-3235

Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."...

7.8CVSS5.8AI score0.43431EPSS
Exploits4References7
CNVD
CNVD
added 2016/06/15 12:0 a.m.4 views

Microsoft Office OLE DLL End Load Vulnerability

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A security vulnerability exists in Microsoft Office that originates from the program failing to properly...

9.3CVSS8.5AI score0.43431EPSS
Exploits4References1
CNVD
CNVD
added 2016/04/14 12:0 a.m.2 views

Microsoft Windows OLE Remote Code Execution Vulnerability

Microsoft Windows is a family of operating systems released by Microsoft Corporation in the U.S. OLE Object Linking and Embedding is a technology that allows applications to share data and functionality. A remote code execution vulnerability exists in OLE for Microsoft Windows that originates fro...

9.3CVSS8.1AI score0.21382EPSS
Exploits0References1
OSV
OSV
added 2016/04/12 11:59 p.m.2 views

CVE-2016-0153

OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Remote Code Execution Vulnerability."...

7.8CVSS6.2AI score0.21382EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2016/03/23 12:0 a.m.5 views

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the OLE component in the Windows operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted file...

6.8CVSS7.7AI score0.23645EPSS
Exploits0References2
Rows per page
Query Builder