Lucene search
+L

216 matches found

UbuntuCve
UbuntuCve
added 2026/05/07 12:0 a.m.8 views

CVE-2026-4430

Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...

7.8CVSS5.8AI score0.00078EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/03/29 12:29 a.m.4 views

SUSE CVE-2025-59031

Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...

4.3CVSS5.8AI score0.00283EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/27 8:10 a.m.36 views

CVE-2025-59031

Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...

4.3CVSS0.00283EPSS
Exploits0References1
CVE
CVE
added 2026/03/27 8:10 a.m.33 views

CVE-2025-59031

Summary of CVE-2025-59031 (Dovecot) : A script provided by Dovecot for text conversion mishandles zip-style attachments. This can allow an attacker to craft OOXML documents that cause unintended files to be indexed and end up in full-text search (FTS) indexes. The underlying impact is limited to ...

4.3CVSS5.8AI score0.00283EPSS
Exploits0References1Affected Software2
Debian CVE
Debian CVE
added 2026/03/27 8:10 a.m.25 views

CVE-2025-59031

Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...

4.3CVSS5.2AI score0.00283EPSS
Exploits0
OSV
OSV
added 2026/03/27 8:10 a.m.2 views

CVE-2025-59031

Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...

4.3CVSS5.9AI score0.00283EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/03/27 8:10 a.m.35 views

CVE-2025-59031

Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...

4.3CVSS5.8AI score0.00283EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/27 12:0 a.m.3 views

CVE-2025-59031

Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...

4.3CVSS5.8AI score0.00283EPSS
Exploits0References2
OSV
OSV
added 2026/03/27 12:0 a.m.5 views

UBUNTU-CVE-2025-59031

Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...

4.3CVSS5.8AI score0.00283EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/13 8:54 p.m.37 views

CVE-2026-32630 file-type affected by ZIP Decompression Bomb DoS via [Content_Types].xml entry

file-type detects the file type of a file, stream, or data. From 20.0.0 to 21.3.1, a crafted ZIP file can trigger excessive memory growth during type detection in file-type when using fileTypeFromBuffer, fileTypeFromBlob, or fileTypeFromFile. The ZIP inflate output limit is enforced for...

5.3CVSS0.00299EPSS
Exploits1References2
CVE
CVE
added 2026/03/13 8:54 p.m.30 views

CVE-2026-32630

CVE-2026-32630 (file-type) affects the file-type library. A crafted ZIP can cause excessive memory growth during type detection in versions 20.0.0–21.3.1 for APIs fileTypeFromBuffer(), fileTypeFromBlob(), and fileTypeFromFile(). The ZIP inflate limit was enforced for stream-based detection but no...

5.3CVSS5.8AI score0.00299EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-15786

Malware in sbrugna...

8.8CVSS8.3AI score0.01036EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-15787

Malware in sbrugna...

8.8CVSS8.3AI score0.01456EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-1283

Malware in sbrugna...

6.9CVSS6.4AI score0.01426EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/02 6:13 p.m.10 views

Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (August 2025 - Part 1 of 2)

Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache PO...

8.8CVSS4.9AI score0.01548EPSS
Exploits2Affected Software1
OSV
OSV
added 2025/04/09 12:15 p.m.3 views

DEBIAN-CVE-2025-31672

Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In this cas...

5.3CVSS6.2AI score0.01286EPSS
Exploits0References1
OSV
OSV
added 2025/04/09 12:15 p.m.7 views

UBUNTU-CVE-2025-31672

Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In this cas...

5.3CVSS6.8AI score0.01286EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2024/11/23 3:4 a.m.4 views

Astra Linux – Vulnerability in LibreOffice

A out-of-bounds write vulnerability exists in The Document Foundation LibreOffice due to crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice versions starting from 26.2 before 26.2.3, and also versions starting from 25.8 before 25.8.7...

7.8CVSS7AI score0.00078EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2024/05/03 3:16 a.m.2 views

CVE-2023-51568

Kofax Power PDF OXPS File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visi...

3.3CVSS4.9AI score0.00497EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.4 views

SUSE CVE-2013-4156

Apache OpenOffice.org OOo before 4.0 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted element in an OOXML document file...

6.8CVSS7.5AI score0.03958EPSS
Exploits1References6
Rows per page
Query Builder