22777 matches found
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents
A flaw was found in LibreOffice. A remote attacker could exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted OOXML Office Open XML document with mismatched encryption salt parameters. This could lead to a denial of service DoS, making the application...
Weaver E-Office 9.5 - Remote Code Execution
A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the argument Filedata leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit h...
CLink Office 2.0 - Cross-Site Scripting
CLink Office 2.0 is vulnerable to cross-site scripting in the index page of the management console and allows remote attackers to inject arbitrary web script or HTML via the lang parameter. id: CVE-2020-6171 info: name: CLink Office 2.0 - Cross-Site Scripting author: pikpikcu severity: medium...
Group-Office < 26.0.5 - Remote Code Execution
Group-Office before versions 6.8.150, 25.0.82, and 26.0.5 is vulnerable to remote code execution via OS command injection. The endpoint email/message/tnefAttachmentFromTempFile directly concatenates the user-controlled parameter tmpfile into an exec call. By injecting shell metacharacters into...
Smart Office Web 20.28 - Information Disclosure
An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive information via the action name parameter to ExportEmployeeDetails.aspx, and to ExportReportingManager.aspx. id: CVE-2022-47075 info: name: Smart Office Web 20.28 - Information Disclosure author:...
Moderate: Red Hat Security Advisory: libreoffice security update
An update for libreoffice is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents
A flaw was found in LibreOffice. A remote attacker could exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted OOXML Office Open XML document with mismatched encryption salt parameters. This could lead to a denial of service DoS, making the application...
Moderate: Red Hat Security Advisory: libreoffice security update
An update for libreoffice is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring...
Moderate: Red Hat Security Advisory: libreoffice security update
An update for libreoffice is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common...
LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents
A flaw was found in LibreOffice. A remote attacker could exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted OOXML Office Open XML document with mismatched encryption salt parameters. This could lead to a denial of service DoS, making the application...
EUVD-2026-41457
A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service DoS condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using...
CVE-2026-13084
A null pointer dereference vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to create a denial-of-service DoS condition by sending specially crafted IKEv2 messages. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using...
CVE-2024-58352
Landray OA contains an unauthenticated HQL injection vulnerability that allows unauthenticated attackers to query arbitrary Hibernate entity classes by injecting malicious HQL syntax into the uid POST parameter of the wechatLoginHelper.do endpoint. Attackers can exploit the lack of input...
PT-2026-55326
Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 11.10.2 through 11.12.4 Update1 WatchGuard Fireware OS versions 12.0 through 12.12 WatchGuard Fireware OS versions 2025.1 through 2026.2 Description A null pointer dereference occurs when the software attempts t...
[SECURITY] Fedora 44 Update: nginx-1.30.3-1.fc44
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
libreoffice security update
An update is available for libreoffice. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...
RLSA-2026:28922 Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
libreoffice security update
An update is available for libreoffice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...
RockyLinux 9 : libreoffice (RLSA-2026:28290)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:28290 advisory. LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents CVE-2026-4430 Tenable has extracted the preceding description block directly from the...