Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
office vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-0244
Buffer overflow in CPCA PCFAX number process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF750C Series firmware v03.07 and previo...
Canon I-sensys Mf754cdw Firmware
Canon I-sensys X C1333if Firmware
Canon Mf755cdw Firmware
Canon Mf753cdw Firmware
Canon Mf751cdw Firmware
Canon Mf1333c Firmware
Canon Lbp1333c Firmware
5.4
CVSSv3
CVE-2024-23941
Cross-site scripting vulnerability exists in Group Office prior to v6.6.182, prior to v6.7.64 and prior to v6.8.31, which may allow a remote authenticated malicious user to execute an arbitrary script on the web browser of the user who is logging in to the product.
Group-office Group Office
9.8
CVSSv3
CVE-2024-0938
A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file /general/email/inbox/delete_webmail.php. The manipulation of the argument WEBBODY_ID_STR leads to sql injection. The exploit has been disclosed to t...
Tongda2000 Office Anywhere 2017
5.4
CVSSv3
CVE-2024-22418
Group-Office is an enterprise CRM and groupware tool. Affected versions are subject to a vulnerability which is present in the file upload mechanism of Group Office. It allows an malicious user to execute arbitrary JavaScript code by embedding it within a file's name. For in...
Group-office Group Office
9.8
CVSSv3
CVE-2024-0529
A vulnerability has been found in CXBSoft Post-Office up to 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /apps/login_auth.php of the component HTTP POST Request Handler. The manipulation of the argument username_login lead...
Cxbsoft Post-office 1.0
9.8
CVSSv3
CVE-2024-0530
A vulnerability was found in CXBSoft Post-Office up to 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /apps/reg_go.php of the component HTTP POST Request Handler. The manipulation of the argument username_reg leads to sql injectio...
Cxbsoft Post-office 1.0
9.8
CVSSv3
CVE-2024-0528
A vulnerability, which was classified as critical, was found in CXBSoft Post-Office 1.0. Affected is an unknown function of the file /admin/pages/update_go.php of the component HTTP POST Request Handler. The manipulation of the argument version leads to sql injection. The exploit...
Cxbsoft Post-office 1.0
4.3
CVSSv3
CVE-2024-21665
ecommerce-framework-bundle is the Pimcore Ecommerce Framework Bundle. An authenticated and unauthorized user can access the back-office orders list and be able to query over the information returned. Access control and permissions are not being enforced. This vulnerability has be...
Pimcore E-commerce Framework
1 Github repository
7.8
CVSSv3
CVE-2023-32401
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. Parsing an office document may lead to an unexpected app termination or arbitrary code execution.
Apple Macos
7.8
CVSSv3
CVE-2024-20677
A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no ...
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office Long Term Servicing Channel 2021
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »