216 matches found
CVE-2026-4430
Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...
SUSE CVE-2025-59031
Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...
CVE-2025-59031
Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...
CVE-2025-59031
Summary of CVE-2025-59031 (Dovecot) : A script provided by Dovecot for text conversion mishandles zip-style attachments. This can allow an attacker to craft OOXML documents that cause unintended files to be indexed and end up in full-text search (FTS) indexes. The underlying impact is limited to ...
CVE-2025-59031
Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...
CVE-2025-59031
Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...
CVE-2025-59031
Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...
CVE-2025-59031
Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...
UBUNTU-CVE-2025-59031
Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can use specially crafted OOXML documents to cause unintended files on the system to be indexed and subsequently ending up in FTS indexes. Do not use the provided...
CVE-2026-32630 file-type affected by ZIP Decompression Bomb DoS via [Content_Types].xml entry
file-type detects the file type of a file, stream, or data. From 20.0.0 to 21.3.1, a crafted ZIP file can trigger excessive memory growth during type detection in file-type when using fileTypeFromBuffer, fileTypeFromBlob, or fileTypeFromFile. The ZIP inflate output limit is enforced for...
CVE-2026-32630
CVE-2026-32630 (file-type) affects the file-type library. A crafted ZIP can cause excessive memory growth during type detection in versions 20.0.0–21.3.1 for APIs fileTypeFromBuffer(), fileTypeFromBlob(), and fileTypeFromFile(). The ZIP inflate limit was enforced for stream-based detection but no...
EUVD-2018-15786
Malware in sbrugna...
EUVD-2018-15787
Malware in sbrugna...
EUVD-2010-1283
Malware in sbrugna...
Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (August 2025 - Part 1 of 2)
Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2025-31672 DESCRIPTION: Improper Input Validation vulnerability in Apache PO...
DEBIAN-CVE-2025-31672
Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In this cas...
UBUNTU-CVE-2025-31672
Improper Input Validation vulnerability in Apache POI. The issue affects the parsing of OOXML format files like xlsx, docx and pptx. These file formats are basically zip files and it is possible for malicious users to add zip entries with duplicate names including the path in the zip. In this cas...
Astra Linux – Vulnerability in LibreOffice
A out-of-bounds write vulnerability exists in The Document Foundation LibreOffice due to crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice versions starting from 26.2 before 26.2.3, and also versions starting from 25.8 before 25.8.7...
CVE-2023-51568
Kofax Power PDF OXPS File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visi...
SUSE CVE-2013-4156
Apache OpenOffice.org OOo before 4.0 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a crafted element in an OOXML document file...