209 matches found
Fedora: Security Advisory for python-markdown2 (FEDORA-2020-3864f32b3d)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Coronavirus-Themed APT Attack Spreads Malware
An advanced persistent threat APT group is leveraging the coronavirus pandemic to infect victims with a previously unknown malware, in a recently discovered campaign that researchers call “Vicious Panda.” Researchers identified two suspicious Rich Text Format files RTF — a text file format used b...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2017-11882 43b 原脚本来自于 https://github.com/embedi/CVE-2017-11882 109b 原脚本来自于 https://github.com/unamer/CVE-2017-11882/ (膜一波,现在unamer的代码已经可以执行shellcode了) CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://vulners.com/cve/CVE-2017-118...
The vulnerability of the software detection mechanism in Cisco Firepower System Software allows attackers to circumvent the configured security policies for detecting malicious programs and files with extensions .RTF and .RAR.
The vulnerability of the Cisco Firepower System Software’s malware detection mechanism exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass established security policies without being detected as carrying malware. The detected files...
The vulnerability of the software detection mechanism in Cisco Firepower System Software allows attackers to circumvent the configured security policies for detecting malicious programs and files with extensions .RTF and .RAR.
The vulnerability of the Cisco Firepower System Software’s malware detection mechanism exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass established security policies without being detected as carrying malware. The detected files...
CVE-2019-3763
The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability. The Office 365 user password may get logged in a plain text format in the Office 365 connector debug log file. An authenticated...
Command injection
Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management NSM 9.1 9.1.7.75 Update 4 and 9.2 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GUI terminal commands...
CVE-2019-3606
CVE-2019-3606 affects McAfee Network Security Manager (NSM) in the web portal component when running NSM 9.x with versions prior to 9.1.7.75 Update 4 or 9.2.7.31 Update2. The issue enables data leakage by allowing administrators to view configuration information in plain text via the GUI or GUI t...
[SECURITY] Fedora 29 Update: jackson-dataformats-text-2.9.8-1.fc29
Parent pom for Jackson text-format dataformats...
[SECURITY] Fedora 28 Update: python-markdown2-2.3.7-1.fc28
Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...
[SECURITY] Fedora 28 Update: unrtf-0.21.9-8.fc28
UnRTF is a command-line program written in C which converts documents in Rich Text Format .rtf to HTML, LaTeX, troff macros, and RTF itself. Converting to HTML, it supports a number of features of Rich Text Format: Changes in the text's font, size, weight bold, and slant italic Underlines and...
Null pointer dereference
An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must convince a...
CVE-2018-4040
An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must convince a...
Atlantis Word Processor rich text format uninitialized TAutoList remote code execution vulnerability
Summary An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must...
openSUSE Security Update : libxkbcommon (openSUSE-2018-1418)
This update for libxkbcommon to version 0.8.2 fixes the following issues : - Fix a few NULL-dereferences, out-of-bounds access and undefined behavior in the XKB text format parser. - CVE-2018-15853: Endless recursion could have been used by local attackers to crash xkbcommon users by supplying a...
The vulnerability of the RTF text processor, the Atlantis Word Processor, allows a hacker to execute arbitrary code.
The vulnerability of the Atlantis Word Processor, a RTF text processor, arises due to errors during initialization of variables. Exploiting this vulnerability allows an attacker to execute arbitrary code within the application, using a specially created RTF file...
[SECURITY] Fedora 28 Update: python-markdown2-2.3.6-1.fc28
Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...
[SECURITY] Fedora 29 Update: python-markdown2-2.3.6-1.fc29
Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...
CVE-2018-6672
Information disclosure vulnerability in McAfee ePolicy Orchestrator ePO 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors...
Information disclosure
Information disclosure vulnerability in McAfee ePolicy Orchestrator ePO 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors...