212 matches found
XSS-cheat-sheet-txt-dictionary-by-PortSwigger
XSS cheat sheet dictionary by PortSwigger PortSwigger diction...
OESA-2026-1012 unrtf security update
UnRTF is a command-line program written in C which converts documents in Rich Text Format .rtf to HTML, LaTeX, troff macros, and RTF itself. Converting to HTML, it supports a number of features of Rich Text Format: Changes in the text's font, size, weight bold, and slant italic Underlines and...
EUVD-2005-2502
Malware in sbrugna...
EUVD-2019-13241
Malware in sbrugna...
EUVD-2009-0769
Malware in sbrugna...
EUVD-2001-0240
Malware in sbrugna...
EUVD-2004-0783
Malware in sbrugna...
EUVD-2023-1039
Malicious code in bioql PyPI...
Malicious code in browser-html-to-rtf (npm)
The package browser-html-to-rtf was found to contain malicious code...
Exploit for Use After Free in Microsoft
🛑 CVE-2025-21298 – Critical Zero-Click RCE in Microsoft Window...
The vulnerability of Microsoft Office Word and 365 Apps for Enterprise applications relates to buffer overflows in dynamic memory, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office Word and 365 Apps for Enterprise lies in the overflowing of buffers in the dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created RTF file...
CVE-2005-2516
Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format RTF files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands...
Khan Academy: Unauthorized Account Access via Leaked Credentials in URL Format (Account Takeover )
The vulnerability allowed attackers to access user accounts on khanAcademy.com using leaked credentials that were publicly available. The credentials were found in clear text format on a third-party website. By entering the email and password, the attacker could perform an account takeover withou...
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in its ability to copy buffers without checking the size of the input data. This allows attackers to execute arbitrary code.
The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created RTF file...
Tracker Software PDF-XChange Editor 安全漏洞
Tracker Software PDF-XChange Editor is a suite of software for viewing and editing PDF format files from Tracker Software, a Canadian company. A security vulnerability exists in Tracker Software PDF-XChange Editor that stems from the RTF file parsing module containing a heap-based buffer overflow...
CVE-2024-54123
Backdrop CMS before 1.28.4 and 1.29.x before 1.29.2 allows XSS via an SVG document, if the SVG tag is allowed for a text format...
The vulnerability of IBM Cognos Dashboards on Cloud Pak for Data software in managing business processes lies in the transfer of critical information in open text format, allowing attackers to disclose protected information.
The vulnerability of IBM Cognos Dashboards on Cloud Pak for Data, related to the transmission of critical information in open text format. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...
Security Bulletin: Vulnerabilities in Google Protocol Buffers affect IBM watsonx.data
Summary Google Protocol Buffers and protobuf-java core and lite have multiple vulnerabilities that can affect watsonx.data. These vulnerablities include denail of service attacks and remote code executions, Vulnerability Details CVEID:CVE-2015-5237 DESCRIPTION: Google Protocol Buffers could allow...
Parsing issue in protobuf textformat
...
CVE-2024-5486
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network...