Foxit Reader TextBox Keystroke Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Foxit Reader Link setAction Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

Foxit Reader PrintParams bitmapDPI Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

Google Updater for MacOS Local Elevation of Privilege Vulnerability

Google Updater for MacOS is an update program for Google products based on the MacOS platform developed by Google USA. A local elevation of privilege vulnerability exists in Google Updater for MacOS, which stems from the program's unsafe use of Distributed Objects, and can be exploited by a local...

Prototype Pollution

merge-objects is vulnerable to prototype pollution attacks. The vulnerability exists as the utility function allows modifying the prototype of Object...

Microsoft Excel Remote Code Execution Vulnerability (CNVD-2018-09644)

Microsoft Excel is a trial balance software component of Microsoft's Office software. A security vulnerability in the way Microsoft Excel handles in-memory objects allows remote attackers to exploit the vulnerability by submitting a special file and tricking the user into parsing it, which could...

Microsoft Office Remote Code Execution Vulnerability (CNVD-2018-09645)

Microsoft Excel is a trial balance software component of Microsoft's Office software. A security vulnerability in the way Microsoft Excel handles in-memory objects allows remote attackers to exploit the vulnerability by submitting a special file and tricking the user into parsing it, which could...

CVE-2018-1026

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1030...

CVE-2018-1000

An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...

CVE-2018-0987

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is uniqu...

CVE-2018-0960

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows...

Information disclosure

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows...

Remote code execution

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1026...

Information disclosure

An information disclosure vulnerability exists when Office renders Rich Text Format RTF email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This CVE ID is unique fr...

Remote code execution

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-2018-1011, CVE-2018-1027, CVE-2018-1029...

CVE-2018-0950

An information disclosure vulnerability exists when Office renders Rich Text Format RTF email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This CVE ID is unique fr...

CVE-2018-0950

CVE-2018-0950: Microsoft Office information disclosure via RTF email rendering. Affected: Office/Word on Windows. Root cause: memory contents disclosure when rendering RTF messages with OLE objects; error in how Office handles memory disclosure. Impact: potential leakage of memory contents to a r...

CVE-2018-0920

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-2018-1011, CVE-2018-1027, CVE-2018-1029...

SAP Business Objects Session Fixation Vulnerability

SAP Business Objects is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The program provides reporting, performance management and data base and other functions. A session fixation vulnerability exists in SAP Business Objects that stems from the...

Microsoft Office Information Disclosure Vulnerability (CNVD-2018-08640)

Microsoft Office 2010 SP2 and others are products of Microsoft Corporation.Microsoft Office 2010 SP2 is an office software suite product.Word 2007 SP3 is a word processing software. An information disclosure vulnerability exists in Microsoft Word and Office. A remote attacker can exploit this...