Vulnerability & Exploit Database

Displaying entries 111 - 120 of 125504 in total

CVE-2018-0792: Microsoft Word Remote Code Execution Vulnerability [Office for Mac] Vulnerability

  • Severity: 4
  • Published: January 08, 2018

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could t...

CVE-2018-0797: Microsoft Word Memory Corruption Vulnerability [Office for Mac] Vulnerability

  • Severity: 4
  • Published: January 08, 2018

An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attac...

Microsoft CVE-2018-0796: Microsoft Excel Remote Code Execution Vulnerability Vulnerability

  • Severity: 4
  • Published: January 08, 2018

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could t...

Huawei EulerOS: CVE-2017-15131: xdg-user-dirs security update Vulnerability

  • Severity: 4
  • Published: January 08, 2018

It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy. This only affects xdg-user-dirs before 0.15.5 as shipped with Red Hat Enterprise Linux.

Microsoft CVE-2018-0799: Microsoft Access Tampering Vulnerability Vulnerability

  • Severity: 4
  • Published: January 08, 2018

A cross-site-scripting (XSS) vulnerability exists when Microsoft Access does not properly sanitize inputs to image fields edited within Design view. An attacker could exploit the vulnerability by sending a specially crafted file to a victim, or by hosting the file on a web server. The attacker who successfully exploited the vulnerability...

Microsoft CVE-2018-0786: .NET Security Feature Bypass Vulnerability Vulnerability

  • Severity: 4
  • Published: January 08, 2018

A security feature bypass vulnerability exists when Microsoft .NET Framework (and .NET Core) components do not completely validate certificates. An attacker could present a certificate that is marked invalid for a specific use, but the component uses it for that purpose. This action disregards the Enhanced Key Usage taggings. The securit...

Microsoft CVE-2018-0794: Microsoft Word Remote Code Execution Vulnerability Vulnerability

  • Severity: 4
  • Published: January 08, 2018

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could t...