Back to Blog
CVE-2023-6186 Link targets allow arbitrary script executionĬVE-2023-6185 Improper input validation enabling arbitrary Gstreamer pipeline injectionĬVE-2023-2255 Remote documents loaded without prompt via IFrameĬVE-2023-0950 Array Index UnderFlow in Calc Formula ParsingĬVE-2022-3140 Macro URL arbitrary script executionĬVE-2022-26306 Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master PasswordĬVE-2022-26305 Execution of Untrusted Macros Due to Improper Certificate ValidationĬVE-2022-38745 Empty entry in Java class path risks arbitrary code executionĬVE-2021-25636 Incorrect trust validation of signature with ambiguous KeyInfo childrenĬVE-2021-25632 fileloc extension added to macOS executable denylistĬVE-2021-25633 Content Manipulation with Double Certificate AttackĬVE-2021-25634 Timestamp Manipulation with Signature WrappingĬVE-2021-25631 Denylist of executable filename extensions possible to bypass under windowsĬVE-2021-25635 Content Manipulation with Certificate Validation AttackĬVE-2020-12802 remote graphics contained in docx format retrieved in 'stealth mode'ĬVE-2020-12803 XForms submissions could overwrite local filesĬVE-2020-12801 Crash-recovered MSOffice encrypted documents defaulted to not to using encryption on next saveĬVE-2019-9854 Unsafe URL assembly flaw in allowed script location checkĬVE-2019-9855 Windows 8.3 path equivalence handling flaw allows LibreLogo script executionĬVE-2019-9853 Insufficient URL decoding flaw in categorizing macro locationĬVE-2019-9850 Insufficient url validation allowing LibreLogo script executionĬVE-2019-9851 LibreLogo global-event script executionĬVE-2019-9852 Insufficient URL encoding flaw in allowed script location checkĬVE-2019-9848 LibreLogo arbitrary script executionĬVE-2019-9849 remote bullet graphics retrieved in 'stealth mode'ĬVE-2019-9847 Executable hyperlink targets executed unconditionally on activationĬVE-2018-16858 Directory traversal flaw in script executionĬVE-2018-10583 Information disclosure via SMB link embedded in ODF documentĬVE-2018-10120 Heap Buffer Overflow in MSWord Customizations parsingĬVE-2018-1055 Remote arbitrary file disclosure vulnerability via WEBSERVICE formulaĬVE-2018-10119 Use After Free in Structured Storage parserĬVE-2017-7870 Heap-buffer-overflow in WMF filterĬVE-2016-10327 Heap-buffer-overflow in EMF filterĬVE-2017-7856 Heap-buffer-overflow in SVM filterĬVE-2017-7882 Heap-buffer-overflow in HWP filterĬVE-2017-8358 Heap-buffer-overflow in JPG filterĬVE-2017-3157 Arbitrary file disclosure in Calc and WriterĬVE-2016-4324 Dereference of invalid STL iterator on processing RTF fileĬVE-2016-0795 LotusWordPro Bounds overflows in LwpTocSuperLayout processingĬVE-2016-0794 LotusWordPro Multiple bounds overflows in lwp filterĬVE-2017-12607 Out-of-Bounds Write in Impress' PPT FilterĬVE-2017-12608 Out-of-Bounds Write in Writer's ImportOldFormatStylesĬVE-2015-5214 DOC Bookmark Status Memory CorruptionĬVE-2015-4551 Arbitrary file disclosure in Calc and WriterĬVE-2015-5212 ODF Integer Underflow (PrinterSetup Length)ĬVE-2015-5213 DOC piecetable Integer OverflowĬVE-2015-1774 Out of bounds write in HWP file filterĬVE-2014-3693 Use-After-Free in socket manager of Impress RemoteĬVE-2014-3524 CSV Command Injection and DDE formulasĬVE-2014-3575 Arbitrary File Disclosure using crafted OLE objectsĬVE-2014-0247 Microsoft Office VBA Macro ExecutionĬVE-2013-4156 Microsoft.
0 Comments
Read More
Leave a Reply. |