Lucene search
K

209 matches found

OpenVAS
OpenVAS
added 2020/05/29 12:0 a.m.13 views

Fedora: Security Advisory for python-markdown2 (FEDORA-2020-3864f32b3d)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.3AI score0.01868EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2020/03/13 4:40 p.m.22 views

Coronavirus-Themed APT Attack Spreads Malware

An advanced persistent threat APT group is leveraging the coronavirus pandemic to infect victims with a previously unknown malware, in a recently discovered campaign that researchers call “Vicious Panda.” Researchers identified two suspicious Rich Text Format files RTF — a text file format used b...

7.8AI score
Exploits0References9
Gitee
Gitee
added 2019/11/19 9:33 a.m.6 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2017-11882 43b 原脚本来自于 https://github.com/embedi/CVE-2017-11882 109b 原脚本来自于 https://github.com/unamer/CVE-2017-11882/ (膜一波,现在unamer的代码已经可以执行shellcode了) CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://vulners.com/cve/CVE-2017-118...

9.3CVSS7AI score0.99945EPSS
Exploits33
BDU FSTEC
BDU FSTEC
added 2019/11/19 12:0 a.m.4 views

The vulnerability of the software detection mechanism in Cisco Firepower System Software allows attackers to circumvent the configured security policies for detecting malicious programs and files with extensions .RTF and .RAR.

The vulnerability of the Cisco Firepower System Software’s malware detection mechanism exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass established security policies without being detected as carrying malware. The detected files...

5.8CVSS6.5AI score0.01455EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/19 12:0 a.m.4 views

The vulnerability of the software detection mechanism in Cisco Firepower System Software allows attackers to circumvent the configured security policies for detecting malicious programs and files with extensions .RTF and .RAR.

The vulnerability of the Cisco Firepower System Software’s malware detection mechanism exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass established security policies without being detected as carrying malware. The detected files...

5.8CVSS6.5AI score0.01455EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/09/11 7:17 p.m.27 views

CVE-2019-3763

The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability. The Office 365 user password may get logged in a plain text format in the Office 365 connector debug log file. An authenticated...

8.8CVSS8.4AI score0.00324EPSS
Exploits0References1
Prion
Prion
added 2019/03/26 6:29 p.m.21 views

Command injection

Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management NSM 9.1 9.1.7.75 Update 4 and 9.2 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GUI terminal commands...

1.9CVSS4.4AI score0.00211EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/03/26 5:23 p.m.50 views

CVE-2019-3606

CVE-2019-3606 affects McAfee Network Security Manager (NSM) in the web portal component when running NSM 9.x with versions prior to 9.1.7.75 Update 4 or 9.2.7.31 Update2. The issue enables data leakage by allowing administrators to view configuration information in plain text via the GUI or GUI t...

7.7CVSS4.5AI score0.00211EPSS
Exploits0References2Affected Software1
Fedora
Fedora
added 2019/02/19 2:3 p.m.57 views

[SECURITY] Fedora 29 Update: jackson-dataformats-text-2.9.8-1.fc29

Parent pom for Jackson text-format dataformats...

10CVSS2AI score0.12679EPSS
Exploits1
Fedora
Fedora
added 2019/02/18 1:27 a.m.31 views

[SECURITY] Fedora 28 Update: python-markdown2-2.3.7-1.fc28

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

6.1CVSS1.6AI score0.00812EPSS
Exploits0
Fedora
Fedora
added 2019/01/16 1:42 a.m.28 views

[SECURITY] Fedora 28 Update: unrtf-0.21.9-8.fc28

UnRTF is a command-line program written in C which converts documents in Rich Text Format .rtf to HTML, LaTeX, troff macros, and RTF itself. Converting to HTML, it supports a number of features of Rich Text Format: Changes in the text's font, size, weight bold, and slant italic Underlines and...

7.5CVSS0.5AI score0.02836EPSS
Exploits0
Prion
Prion
added 2018/12/01 8:29 p.m.13 views

Null pointer dereference

An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must convince a...

6.8CVSS7.5AI score0.01006EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/12/01 8:0 p.m.21 views

CVE-2018-4040

An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must convince a...

8.8CVSS7.5AI score0.01006EPSS
Exploits1References1
Talos
Talos
added 2018/11/20 12:0 a.m.236 views

Atlantis Word Processor rich text format uninitialized TAutoList remote code execution vulnerability

Summary An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker must...

8.8CVSS7.8AI score0.01006EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/11/19 12:0 a.m.28 views

openSUSE Security Update : libxkbcommon (openSUSE-2018-1418)

This update for libxkbcommon to version 0.8.2 fixes the following issues : - Fix a few NULL-dereferences, out-of-bounds access and undefined behavior in the XKB text format parser. - CVE-2018-15853: Endless recursion could have been used by local attackers to crash xkbcommon users by supplying a...

7.8CVSS6.2AI score0.00535EPSS
Exploits0References12
BDU FSTEC
BDU FSTEC
added 2018/10/11 12:0 a.m.5 views

The vulnerability of the RTF text processor, the Atlantis Word Processor, allows a hacker to execute arbitrary code.

The vulnerability of the Atlantis Word Processor, a RTF text processor, arises due to errors during initialization of variables. Exploiting this vulnerability allows an attacker to execute arbitrary code within the application, using a specially created RTF file...

7.6CVSS6AI score0.01202EPSS
Exploits1References4Affected Software1
Fedora
Fedora
added 2018/10/10 10:47 p.m.33 views

[SECURITY] Fedora 28 Update: python-markdown2-2.3.6-1.fc28

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

6.1CVSS1.6AI score0.00812EPSS
Exploits0
Fedora
Fedora
added 2018/10/09 12:7 a.m.19 views

[SECURITY] Fedora 29 Update: python-markdown2-2.3.6-1.fc29

Markdown is a text-to-HTML filter; it translates an easy-to-read / easy-to-write structured text format into HTML. Markdown's text format is most similar to that of plain text email, and supports features such as headers, emphasis, code blocks, blockquotes, and links. This is a fast and complete...

6.1CVSS1.6AI score0.00812EPSS
Exploits0
NVD
NVD
added 2018/06/15 2:29 p.m.18 views

CVE-2018-6672

Information disclosure vulnerability in McAfee ePolicy Orchestrator ePO 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors...

6.5CVSS5.4AI score0.01201EPSS
Exploits0References3
Prion
Prion
added 2018/06/15 2:29 p.m.19 views

Information disclosure

Information disclosure vulnerability in McAfee ePolicy Orchestrator ePO 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors...

4CVSS5.9AI score0.01201EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder