Lucene search
K

29 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-19927

Malicious code in bioql PyPI...

5.5CVSS5.4AI score0.00468EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-21020

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00776EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/23 8:40 a.m.4 views

CVE-2024-23525

The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...

6.5CVSS6.9AI score0.00776EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.6 views

openSUSE Security Advisory (openSUSE-SU-2024:0021-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.00468EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/05/09 12:0 a.m.25 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Spreadsheet::ParseXLSX vulnerabilities (USN-6769-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6769-1 advisory. Le Dinh Hai discovered that Spreadsheet::ParseXLSX did not properly manage memory during cell merge operations. An attacker could...

6.5CVSS6.4AI score0.00776EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.11 views

openSUSE Security Advisory (openSUSE-SU-2024:0021-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.00468EPSS
Exploits1References4
Fedora
Fedora
added 2024/02/27 1:9 a.m.17 views

[SECURITY] Fedora 39 Update: perl-Spreadsheet-ParseXLSX-0.31-1.fc39

This module is an adaptor for that reads XLSX files. For documentation about the various data that you can retrieve from these classes, please see , , , and...

5.5CVSS5.6AI score0.00468EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/02/27 12:0 a.m.10 views

Fedora: Security Advisory (FEDORA-2024-5f136f5d10)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.6AI score0.00468EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.25 views

Fedora 39 : perl-Spreadsheet-ParseXLSX (2024-5f136f5d10)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5f136f5d10 advisory. Update to latest version Security fix for CVE-2024-22368 Tenable has extracted the preceding description block directly from the Fedora security...

5.5CVSS5.8AI score0.00468EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.15 views

Fedora 38 : perl-Spreadsheet-ParseXLSX (2024-fa14bfd3b5)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-fa14bfd3b5 advisory. Update to latest version Security fix for CVE-2024-22368 Tenable has extracted the preceding description block directly from the Fedora security...

5.5CVSS5.8AI score0.00468EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/02/27 12:0 a.m.16 views

Fedora: Security Advisory for perl-Spreadsheet-ParseXLSX (FEDORA-2024-fa14bfd3b5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.7AI score0.00468EPSS
Exploits1References2
Veracode
Veracode
added 2024/01/25 12:12 a.m.22 views

XML External Entity (XXE)

Spreadsheet::ParseXLSX is vulnerable to XML External Entity XXE. The vulnerability is caused due to neglecting noxxe option of XML::Twig. This can be exploited to compromise Confidentiality of the system...

6.5CVSS6.7AI score0.00776EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2024/01/18 12:15 a.m.24 views

CVE-2024-23525

The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...

6.5CVSS6.4AI score0.00776EPSS
Exploits1References6
OSV
OSV
added 2024/01/18 12:15 a.m.1 views

DEBIAN-CVE-2024-23525

The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...

6.5CVSS6.3AI score0.00776EPSS
Exploits1References1
OSV
OSV
added 2024/01/18 12:15 a.m.2 views

UBUNTU-CVE-2024-23525

The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...

6.5CVSS6.6AI score0.00776EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2024/01/18 12:15 a.m.34 views

CVE-2024-23525

The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...

6.5CVSS6.6AI score0.00776EPSS
Exploits1References7
Cvelist
Cvelist
added 2024/01/17 12:0 a.m.36 views

CVE-2024-23525

The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...

6.5AI score0.00776EPSS
Exploits1References6
CVE
CVE
added 2024/01/17 12:0 a.m.80 views

CVE-2024-23525

CVE-2024-23525 affects Spreadsheet::ParseXLSX (Perl) versions prior to 0.30, where XXE is possible because XML::Twig is not invoked with the no_xxe option. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) yields a base score of 6.5 (Medium) with high impact on confidentiality, no impact ...

6.5CVSS6.2AI score0.00776EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/17 12:0 a.m.6 views

CVE-2024-23525

The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...

6.5AI score0.00776EPSS
Exploits1References6
OSV
OSV
added 2024/01/17 12:0 a.m.17 views

CVE-2024-23525

The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...

6.5CVSS6.7AI score0.00776EPSS
Exploits1References8
Rows per page
Query Builder