Exploit for Improper Input Validation in Microsoft
CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulne...
BIT-AIRFLOW-2026-22922 Apache Airflow: Airflow externalLogUrl Permission Bypass
Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log access. Users are recommended to upgrade to Apache Airflow 3.1.7 or later, which resolves this...
EUVD-2021-20033
Malware in sbrugna...
Exploit for Improper Input Validation in Microsoft
🛡️ Moniker Link CVE-2024-21413 Room: Moniker Link C...
CVE-2023-28645
Nextcloud richdocuments is a Nextcloud app integrating the office suite Collabora Online. In affected versions the secure view feature of the rich documents app can be bypassed by using an unprotected internal API endpoint of the rich documents app. It is recommended that the Nextcloud Office app...
PT-2024-23108 · Silverstripe · Silverstripe/Reports
Name of the Vulnerable Software and Affected Versions: silverstripe/reports versions prior to 5.2.3. Description: The issue allows reports to be accessed by their direct URL by any user who has access to view the reports admin section, even if the canView method for that report returns false...
CVE-2023-46630 WordPress Admin and Site Enhancements (ASE) plugin <= 5.7.1 - Password Protected View Bypass Vulnerability
Improper Authentication vulnerability in wpase Admin and Site Enhancements ASE allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Admin and Site Enhancements ASE: from n/a through 5.7.1...
VulnCheck KEV: CVE-2024-21413
Microsoft Outlook contains an improper input validation vulnerability that allows for remote code execution. Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode...
Exploit for Improper Input Validation in Microsoft
Microsoft Outlook Remote Code Execution Vulnerability PoC Th...
Microsoft Outlook Security Vulnerability
Microsoft Outlook is a suite of e-mail applications from the American company Microsoft. A remote code execution vulnerability exists in Microsoft Outlook, which can be exploited by an attacker to bypass the protected view protocol, obtain local NTLM credentials, and execute arbitrary code with...
SUSE CVE-2023-31437
An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."...
SUSE CVE-2023-28645
Nextcloud richdocuments is a Nextcloud app integrating the office suite Collabora Online. In affected versions the secure view feature of the rich documents app can be bypassed by using an unprotected internal API endpoint of the rich documents app. It is recommended that the Nextcloud Office app...
CVE-2023-28645 Secure view can be bypassed by using internal API endpoint in Nextcloud richdocuments
Nextcloud richdocuments is a Nextcloud app integrating the office suite Collabora Online. In affected versions the secure view feature of the rich documents app can be bypassed by using an unprotected internal API endpoint of the rich documents app. It is recommended that the Nextcloud Office app...
Nextcloud Access Control Error Vulnerability
Nextcloud is an open-source, self-hosted file synchronization, sharing and communication platform from Nextcloud, Germany. An access control error vulnerability exists in Nextcloud richdocuments. An attacker could exploit the vulnerability to bypass the secure view feature...
PT-2023-21870 · Nextcloud · Nextcloud Richdocuments
Name of the Vulnerable Software and Affected Versions: Nextcloud richdocuments versions prior to 6.3.2; Nextcloud richdocuments versions prior to 7.0.2; Nextcloud richdocuments versions prior to 8.0.0-beta.1. Description: The secure view feature of the rich documents app can be bypassed by using an...
SUSE CVE-2023-25821
Nextcloud is an Open Source private cloud software. Versions 24.0.4 and above, prior to 24.0.7, and 25.0.0 and above, prior to 25.0.1, contain Improper Access Control. Secure view for internal shares can be circumvented if reshare permissions are also given. This issue is patched in versions 24.0...
CVE-2020-10716
A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects...
Cybozu Office Authorization Issue Vulnerability
Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A view restriction bypass vulnerability exists in a custom application in Cybozu Office. An attacker can use this vulnerability to obtain data from a custom application without viewing privileges...