Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
office vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5781
A vulnerability, which was classified as critical, has been found in Tongda OA 2017 11.10. This issue affects the function DELETE_STR of the file general/system/res_manage/monitor/delete_webmail.php. The manipulation leads to sql injection. The attack may be initiated remotely. T...
Tongda2000 Tongda Office Anywhere
NA
CVE-2023-37913
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 3.5-milestone-1 and prior to versions 14.10.8 and 15.3-rc-1, triggering the office converter with a specially crafted file name allows writing the attachme...
Xwiki Xwiki
NA
CVE-2023-5682
A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/training/record/delete.php. The manipulation of the argument RECORD_ID leads to sql injection. The exploit has been disclosed to the public ...
Tongda2000 Tongda Office Anywhere
Tongda2000 Tongda Office Anywhere 2017
NA
CVE-2023-38127
An integer overflow exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause the parser to make an under-sized allocation, which can later allow for memory corruption, potentially resulting in arbitrary code execu...
Justsystems Ichitaro Government 8 -
Justsystems Ichitaro Pro 3 -
Justsystems Ichitaro 2022 -
Justsystems Ichitaro 2021 -
Justsystems Easy Postcard Max -
Justsystems Just Office 5 -
Justsystems Just Office 4 -
Justsystems Just Office 3 -
Justsystems Just Government 5 -
Justsystems Just Government 4 -
Justsystems Just Government 3 -
Justsystems Just Police 5 -
Justsystems Just Police 4 -
Justsystems Just Police 3 -
Justsystems Ichitaro Pro 5 -
Justsystems Ichitaro Pro 4 -
Justsystems Ichitaro Government 10 -
Justsystems Ichitaro Government 9 -
Justsystems Ichitaro 2023 1.0.1.59372
NA
CVE-2023-38128
An out-of-bounds write vulnerability exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause a type confusion, which can lead to memory corruption and eventually arbitrary code execution. An attacker can provide ...
Justsystems Ichitaro Government 8 -
Justsystems Ichitaro Pro 3 -
Justsystems Ichitaro 2022 -
Justsystems Ichitaro 2021 -
Justsystems Easy Postcard Max -
Justsystems Just Office 5 -
Justsystems Just Office 4 -
Justsystems Just Office 3 -
Justsystems Just Government 5 -
Justsystems Just Government 4 -
Justsystems Just Government 3 -
Justsystems Just Police 5 -
Justsystems Just Police 4 -
Justsystems Just Police 3 -
Justsystems Ichitaro Pro 5 -
Justsystems Ichitaro Pro 4 -
Justsystems Ichitaro Government 10 -
Justsystems Ichitaro Government 9 -
Justsystems Ichitaro 2023 1.0.1.59372
NA
CVE-2023-34366
A use-after-free vulnerability exists in the Figure stream parsing functionality of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause memory corruption, resulting in arbitrary code execution. Victim would need to open a malicious file to trigger this vulnerability...
Justsystems Ichitaro Government 8 -
Justsystems Ichitaro Pro 3 -
Justsystems Ichitaro 2022 -
Justsystems Ichitaro 2021 -
Justsystems Easy Postcard Max -
Justsystems Just Office 5 -
Justsystems Just Office 4 -
Justsystems Just Office 3 -
Justsystems Just Government 5 -
Justsystems Just Government 4 -
Justsystems Just Government 3 -
Justsystems Just Police 5 -
Justsystems Just Police 4 -
Justsystems Just Police 3 -
Justsystems Ichitaro Pro 5 -
Justsystems Ichitaro Pro 4 -
Justsystems Ichitaro Government 10 -
Justsystems Ichitaro Government 9 -
Justsystems Ichitaro 2023 1.0.1.59372
NA
CVE-2023-35126
An out-of-bounds write vulnerability exists within the parsers for both the "DocumentViewStyles" and "DocumentEditStyles" streams of Ichitaro 2023 1.0.1.59372 when processing types 0x0000-0x0009 of a style record with the type 0x2008. A specially crafted docum...
Justsystems Ichitaro Government 8 -
Justsystems Ichitaro Pro 3 -
Justsystems Ichitaro 2022 -
Justsystems Ichitaro 2021 -
Justsystems Easy Postcard Max -
Justsystems Just Office 5 -
Justsystems Just Office 4 -
Justsystems Just Office 3 -
Justsystems Just Government 5 -
Justsystems Just Government 4 -
Justsystems Just Government 3 -
Justsystems Just Police 5 -
Justsystems Just Police 4 -
Justsystems Just Police 3 -
Justsystems Ichitaro Pro 5 -
Justsystems Ichitaro Pro 4 -
Justsystems Ichitaro Government 10 -
Justsystems Ichitaro Government 9 -
Justsystems Ichitaro 2023 1.0.1.59372
NA
CVE-2023-36565
Microsoft Office Graphics Elevation of Privilege Vulnerability
Microsoft Office 2019
Microsoft Office Long Term Servicing Channel 2021
Microsoft Office
NA
CVE-2023-36568
Microsoft Office Click-To-Run Elevation of Privilege Vulnerability
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office Long Term Servicing Channel 2021
NA
CVE-2023-36569
Microsoft Office Elevation of Privilege Vulnerability
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office Long Term Servicing Channel 2021
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »