Lucene search
K

76 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.5 views

SUSE CVE-2017-5992

Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document...

8.2CVSS9AI score0.01159EPSS
Exploits0References3
OSV
OSV
added 2021/07/19 2:15 p.m.3 views

CVE-2021-32012

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service memory consumption via a crafted .xlsx document that is mishandled when read by xlsx.js issue 1 of 2...

5.5CVSS7.3AI score0.0088EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/05/11 12:0 a.m.4 views

PT-2021-3041 · Microsoft · Office Web Apps Server +3

Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Microsoft 365 Apps for Enterprise affected versions not specified Microsoft Excel affected versions not specified Microsoft Office Web Apps Server affected versions not specified Description: T...

9.3CVSS7.6AI score0.03073EPSS
Exploits0References13
BDU FSTEC
BDU FSTEC
added 2020/11/24 12:0 a.m.6 views

The vulnerability of Microsoft Excel spreadsheet editors, Microsoft Office programs, and Microsoft 365 Apps for Enterprise, related to improper handling of objects in memory, allows attackers to execute arbitrary code.

The vulnerability of Microsoft Excel spreadsheet editors, as well as Microsoft Office and Microsoft 365 Apps for Enterprise, is related to improper handling of objects in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS7.5AI score0.03048EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2019/02/12 12:0 a.m.70 views

Microsoft Excel .SLK Payload Delivery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Microsoft Excel .SLK Payload Delivery", 'Description' = %Q This module generates a download and execute Powershell command to be placed in an .SL...

Exploits0
BDU FSTEC
BDU FSTEC
added 2018/12/28 12:0 a.m.6 views

The vulnerability of Excel spreadsheet editors, related to data processing errors, allows attackers to execute arbitrary code.

The vulnerability of Excel spreadsheet editors is related to data processing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.3CVSS8AI score0.19791EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2018/06/07 3:51 p.m.119 views

Adobe Issues Patch for Actively Exploited Flash Player Zero-Day Exploit

If you have already uninstalled Flash player, well done! But if you haven't, here's another great reason for ditching it. Adobe has released a security patch update for a critical vulnerability in its Flash Player software that is actively being exploited in the wild by hackers in targeted attack...

10CVSS1.4AI score0.25353EPSS
Exploits0
OSV
OSV
added 2018/04/24 7:29 p.m.8 views

UBUNTU-CVE-2017-2924

An exploitable heap-based buffer overflow vulnerability exists in the readlegacybiff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...

8.8CVSS7.8AI score0.03313EPSS
Exploits1References3
OSV
OSV
added 2018/04/24 7:29 p.m.5 views

UBUNTU-CVE-2017-2923

An exploitable heap based buffer overflow vulnerability exists in the 'readbiffnextrecord function' of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...

8.8CVSS7.8AI score0.03313EPSS
Exploits1References3
Fedora
Fedora
added 2018/04/15 2:43 a.m.14 views

[SECURITY] Fedora 28 Update: freexl-1.0.5-1.fc28

FreeXL is a library to extract valid data from within an Excel spreadsheet .xls Design goals: simple and lightweight stable, robust and efficient easily and universally portable completely ignore any GUI-related oddity...

2.4AI score
Exploits0
Fedora
Fedora
added 2018/03/06 5:35 p.m.17 views

[SECURITY] Fedora 27 Update: freexl-1.0.5-1.fc27

FreeXL is a library to extract valid data from within an Excel spreadsheet .xls Design goals: simple and lightweight stable, robust and efficient easily and universally portable completely ignore any GUI-related oddity...

2.4AI score
Exploits0
CNVD
CNVD
added 2018/02/08 12:0 a.m.2 views

Denial of Service Vulnerability in WPS Forms (CNVD-2018-03670)

WPS office is an office software suite independently developed by Kingsoft Corporation. A denial of service vulnerability exists in WPS Formset.exe in WPS when parsing a specific xls file, which can be exploited by an attacker to cause a denial of service...

6.8AI score
Exploits0
OSV
OSV
added 2017/11/20 10:29 p.m.9 views

UBUNTU-CVE-2017-2897

An exploitable out-of-bounds write vulnerability exists in the readMSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...

8.8CVSS7.2AI score0.02061EPSS
Exploits1References3
OSV
OSV
added 2017/11/20 10:29 p.m.7 views

UBUNTU-CVE-2017-2896

An exploitable out-of-bounds write vulnerability exists in the xlsmergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...

8.8CVSS7.4AI score0.02052EPSS
Exploits1References3
CNVD
CNVD
added 2017/10/18 12:0 a.m.3 views

Memory Corruption Vulnerability in WPS Forms (CNVD-2017-34137)

WPS Office is an office software suite developed independently by Kingsoft Corporation. A memory corruption vulnerability exists in the kso module of formset.exe in WPS when parsing a specific xls file, which can be exploited by an attacker to cause a denial of service or code execution...

7.6AI score
Exploits0
NVD
NVD
added 2017/10/09 5:29 a.m.20 views

CVE-2017-14971

Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel...

5.5CVSS5.3AI score0.00863EPSS
Exploits1References1
Prion
Prion
added 2017/10/09 5:29 a.m.18 views

Design/Logic Flaw

Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel...

4.3CVSS5.3AI score0.00863EPSS
Exploits1References1Affected Software1
Fedora
Fedora
added 2017/09/30 7:28 a.m.10 views

[SECURITY] Fedora 27 Update: freexl-1.0.4-1.fc27

FreeXL is a library to extract valid data from within an Excel spreadsheet .xls Design goals: simple and lightweight stable, robust and efficient easily and universally portable completely ignore any GUI-related oddity...

2.4AI score
Exploits0
Fedora
Fedora
added 2017/09/17 9:49 a.m.13 views

[SECURITY] Fedora 25 Update: freexl-1.0.4-1.fc25

FreeXL is a library to extract valid data from within an Excel spreadsheet .xls Design goals: simple and lightweight stable, robust and efficient easily and universally portable completely ignore any GUI-related oddity...

2.4AI score
Exploits0
Fedora
Fedora
added 2017/09/17 3:51 a.m.22 views

[SECURITY] Fedora 26 Update: freexl-1.0.4-1.fc26

FreeXL is a library to extract valid data from within an Excel spreadsheet .xls Design goals: simple and lightweight stable, robust and efficient easily and universally portable completely ignore any GUI-related oddity...

2.4AI score
Exploits0
Rows per page
Query Builder