Lucene search
K

11 matches found

Rapid7 Blog
Rapid7 Blog
added 2023/05/09 8:2 p.m.130 views

Patch Tuesday - May 2023

A less crowded Patch Tuesday for May 2023: Microsoft is offering fixes for just 49 vulnerabilities this month. There are no fixes this month for printer drivers, DNS, or .NET, three components which have featured heavily in recent months. Three zero-day vulnerabilities are patched, alongside a...

10CVSS8.7AI score0.99999EPSS
Exploits137
OSV
OSV
added 2022/09/14 11:15 a.m.6 views

CVE-2022-37140

PayMoney 3.3 is vulnerable to Client Side Remote Code Execution RCE. The vulnerability exists on the reply ticket function and upload the malicious file. A calculator will open when the victim who download the file open the RTF file...

8CVSS5.9AI score0.0133EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/09/14 12:0 a.m.6 views

Techvillage Paymoney 代码问题漏洞

Techvillage Paymoney is a secure online payment gateway from Techvillage Bangladesh. A security vulnerability exists in Techvillage Paymoney version 3.3, which stems from a malicious file that can be uploaded in the REPLY TICKET function, which opens a calculator when the victim of the downloaded...

8CVSS6.8AI score0.0133EPSS
Exploits2References3
BDU FSTEC
BDU FSTEC
added 2018/06/22 12:0 a.m.5 views

The vulnerability of the Microsoft Office software arises from an operation that goes beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Microsoft Office package arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted RTF file, while operating remotely...

9.3CVSS6.2AI score0.23069EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2018/05/09 12:0 a.m.168 views

CVE-2018-8174

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka “Windows VBScript Engine Remote Code Execution Vulnerability.” This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1,...

7.6CVSS7.3AI score0.87814EPSS
In wildExploits9References6
CNVD
CNVD
added 2017/08/15 12:0 a.m.3 views

Synology Office Command Injection Vulnerability

Synology Office is a web-based office software system from Synology. The system features online document and spreadsheet creation, as well as importing local files. A command injection vulnerability exists in the Document.php file in Synology Office versions 2.2.0-1502 and 2.2.1-1506. A remote...

7.8CVSS8.1AI score0.01609EPSS
Exploits0References1
OSV
OSV
added 2017/08/14 7:29 p.m.6 views

CVE-2017-11150

Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents...

7.8CVSS6AI score0.01609EPSS
Exploits0References1
OSV
OSV
added 2014/11/26 3:59 p.m.1 views

DEBIAN-CVE-2014-9093

LibreOffice before 4.3.5 allows remote attackers to cause a denial of service invalid write operation and crash and possibly execute arbitrary code via a crafted RTF file...

7.5CVSS6.8AI score0.04143EPSS
Exploits0References1
Saint
Saint
added 2011/03/18 12:0 a.m.19 views

AOL Desktop .rtx File Buffer Overflow

Added: 03/18/2011 BID: 46129 OSVDB: 70741 Background AOL Desktop is an internet suite that integrates a web browser, media player, and IM client. Problem A heap overflow vulnerability exists in the Rich Text file parser of AOL Desktop 9.x. In documents with HTML links, the parser does not properl...

7.3AI score
Exploits0
Saint
Saint
added 2011/03/18 12:0 a.m.23 views

AOL Desktop .rtx File Buffer Overflow

Added: 03/18/2011 BID: 46129 OSVDB: 70741 Background AOL Desktop is an internet suite that integrates a web browser, media player, and IM client. Problem A heap overflow vulnerability exists in the Rich Text file parser of AOL Desktop 9.x. In documents with HTML links, the parser does not properl...

1AI score
Exploits0
Saint
Saint
added 2011/03/18 12:0 a.m.15 views

AOL Desktop .rtx File Buffer Overflow

Added: 03/18/2011 BID: 46129 OSVDB: 70741 Background AOL Desktop is an internet suite that integrates a web browser, media player, and IM client. Problem A heap overflow vulnerability exists in the Rich Text file parser of AOL Desktop 9.x. In documents with HTML links, the parser does not properl...

7.3AI score
Exploits0
Rows per page
Query Builder