Lucene search
K

30 matches found

RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.7 views

CVE-2026-45483

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network...

5.4CVSS7AI score0.00505EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.15 views

EUVD-2026-35654

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network...

4.6CVSS7.1AI score0.00505EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 5:4 p.m.18 views

CVE-2026-45483

CVE-2026-45483 affects Microsoft Office Project Server and involves improper neutralization of input during web page generation, enabling cross-site scripting. The vulnerability is described as allowing an authorized attacker to perform spoofing over a network. The CVSS 3.1 vector (AV:N/AC:L/PR:L...

5.4CVSS5.4AI score0.00505EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 5:4 p.m.8 views

CVE-2026-45483 Microsoft Office Project Server Spoofing Vulnerability

...

4.6CVSS7.1AI score0.00505EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.10 views

Microsoft Office Project Server Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network...

5.4CVSS7AI score0.00505EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.9 views

PT-2026-47965

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network...

4.6CVSS7.1AI score0.00505EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Microsoft Office Project Server 跨站脚本漏洞

Microsoft Office Project Server is an enterprise-level project and project portfolio management platform open-sourced by Microsoft. Microsoft Office Project Server has a cross-site scripting vulnerability, which stems from improper input during web page generation. This vulnerability could allow...

5.4CVSS6.7AI score0.00505EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2012/10/18 12:0 a.m.2 views

VulnCheck KEV: CVE-2009-2501

Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold...

9.3CVSS7.5AI score0.26824EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/12/14 12:0 a.m.19 views

Microsoft Office Project Remote Code Execution Vulnerability (967183)

This host is missing a critical security update according to Microsoft Bulletin MS09-074. OpenVAS Vulnerability Test $Id: secpodms09-074.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Office Project Remote Code Execution Vulnerability 967183 Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod...

9.3CVSS0.5AI score0.23504EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2009/12/14 12:0 a.m.16 views

Microsoft Office Project Remote Code Execution Vulnerability (967183)

This host is missing a critical security update according to Microsoft Bulletin MS09-074. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS5AI score0.23504EPSS
Exploits1References5
securityvulns
securityvulns
added 2009/12/09 12:0 a.m.48 views

Microsoft Security Bulletin MS09-074 - Critical Vulnerability in Microsoft Office Project Could Allow Remote Code Execution (967183)

Microsoft Security Bulletin MS09-074 - Critical Vulnerability in Microsoft Office Project Could Allow Remote Code Execution 967183 Published: December 08, 2009 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Microsoft Office...

9.3CVSS0.6AI score0.23504EPSS
Exploits1
Prion
Prion
added 2009/10/14 10:30 a.m.19 views

Integer overflow

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Offic...

9.3CVSS8.7AI score0.23647EPSS
Exploits1References3Affected Software19
CVE
CVE
added 2009/10/14 10:0 a.m.144 views

CVE-2009-3126

CVE-2009-3126 corresponds to the GDI+ PNG Integer Overflow vulnerability described in MS09-062. The issue arises from an integer overflow in GDI+ when processing PNG images, which could allow remote code execution if a user opens a specially crafted image. The vulnerability affects a wide range o...

9.3CVSS9.7AI score0.23461EPSS
Exploits1References3Affected Software4
CVE
CVE
added 2009/10/14 10:0 a.m.154 views

CVE-2009-2500

This CVE corresponds to MS09-062: GDI+ WMF Integer Overflow Vulnerability. Affected are Microsoft GDI+ image-processing paths used by WMF, PNG, TIFF, BMP handling across Windows components and Office/Viewer products (e.g., IE6, Office suites, Visio, Project, SQL/Report Viewer, Forefront Client Se...

9.3CVSS7.9AI score0.23647EPSS
Exploits1References3Affected Software4
Prion
Prion
added 2008/12/10 2:0 p.m.17 views

Memory corruption

The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code v...

8.5CVSS7.7AI score0.20976EPSS
Exploits0References7Affected Software5
Cvelist
Cvelist
added 2008/12/10 1:33 p.m.24 views

CVE-2008-4253

The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code v...

7.3AI score0.20976EPSS
Exploits0References7
Cvelist
Cvelist
added 2008/12/10 1:33 p.m.37 views

CVE-2008-4255

Heap-based buffer overflow in mscomct2.ocx aka Windows Common ActiveX control or Microsoft Animation ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote...

7.8AI score0.53703EPSS
Exploits7References11
securityvulns
securityvulns
added 2008/12/10 12:0 a.m.215 views

Microsoft Security Bulletin MS08-070 - Critical Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)

Microsoft Security Bulletin MS08-070 - Critical Vulnerabilities in Visual Basic 6.0 Runtime Extended Files ActiveX Controls Could Allow Remote Code Execution 932349 Published: December 9, 2008 Version: 1.0 General Information Executive Summary This security update resolves five privately reported...

9.3CVSS1AI score0.55917EPSS
Exploits17
securityvulns
securityvulns
added 2008/04/08 12:0 a.m.60 views

Microsoft Security Bulletin MS08-018 – Critical Vulnerability in Microsoft Project Could Allow Remote Code Execution (950183)

Microsoft Security Bulletin MS08-018 – Critical Vulnerability in Microsoft Project Could Allow Remote Code Execution 950183 Published: April 8, 2008 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Microsoft Office Project that...

9.3CVSS0.8AI score0.31934EPSS
Exploits1
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.23 views

The 2007 Microsoft Office Suite Service Pack 2 (SP2)

Service Pack 2 provides the latest updates to the 2007 Microsoft Office Suite. This update also applies to Microsoft Office Project, Microsoft Office SharePoint Designer, Microsoft Expression Web, Microsoft Office Visio, and Visual Web Developer...

2.5AI score
Exploits0
Rows per page
Query Builder