85 matches found
CVE-2025-62552
Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute code locally...
CVE-2025-62552
Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute code locally...
CVE-2025-62552
Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute code locally...
EUVD-2025-202220
Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute code locally...
PT-2025-50176
Name of the Vulnerable Software and Affected Versions Microsoft Office Access affected versions not specified Description A relative path traversal issue exists in Microsoft Office Access. This allows an unauthorized attacker to execute code locally. The issue can also allow remote attackers to...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the back office interface. An attacker can execute arbitrary scripts by injecting malicious content into image asset names, content language names, or future publishing fields. This may result in persistent...
EUVD-2017-14584
Malware in sbrugna...
EUVD-2023-2919
Malicious code in bioql PyPI...
EUVD-2025-10146
Malicious code in bioql PyPI...
Information Exposure
Overview prestashop/prestashop is an Open Source e-commerce platform, committed to providing the best shopping cart experience for both merchants and customers. Affected versions of this package are vulnerable to Information Exposure via manipulation of the idemployee and resettoken parameters on...
Ibexa RichText Field Type XSS vulnerabilities in back office
Impact This security advisory is a part of IBEXA-SA-2025-003, which resolves XSS vulnerabilities in several parts of the back office of Ibexa DXP. Back office access and varying levels of editing and management permissions are required to exploit these vulnerabilities. This typically means Editor...
Ibexa Admin UI assets XSS vulnerabilities in back office
Impact This security advisory is a part of IBEXA-SA-2025-003, which resolves XSS vulnerabilities in several parts of the back office of Ibexa DXP. Back office access and varying levels of editing and management permissions are required to exploit these vulnerabilities. This typically means Editor...
CVE-2024-21665
ecommerce-framework-bundle is the Pimcore Ecommerce Framework Bundle. An authenticated and unauthorized user can access the back-office orders list and be able to query over the information returned. Access control and permissions are not being enforced. This vulnerability has been patched in...
CVE-2020-0961
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'...
CVE-2019-0825
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0823, CVE-2019-0824, CVE-2019-0826,...
CVE-2025-26630
Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally...
CVE-2025-26630
Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally...
CVE-2025-26630
Use after free in Microsoft Office Access allows an unauthorized attacker to execute code locally...
CVE-2025-26630
CVE-2025-26630 is a use-after-free vulnerability in Microsoft Office Access that can allow a local attacker to execute arbitrary code. The issue affects Microsoft Access/Office components and is rated CVSS v3.1 base score 7.8 (High) with Local attack vector, Privileges None, User Interaction requ...
PT-2025-10846 · Microsoft · Office Access
Name of the Vulnerable Software and Affected Versions: Microsoft Office Access versions prior to the fixed version Description: The issue is related to a use-after-free vulnerability in Microsoft Office Access, which allows an unauthorized attacker to execute code locally. This vulnerability can ...