101 matches found
CVE-2026-6047
LibreOffice can import documents in the OOXML format DOCX. A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object, so the write landed...
EUVD-2026-36737
LibreOffice can import documents in the OOXML format DOCX. A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object, so the write landed...
CVE-2026-6047 Heap buffer overflow in OOXML text box element import
LibreOffice can import documents in the OOXML format DOCX. A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object, so the write landed...
CVE-2026-6047 Heap buffer overflow in OOXML text box element import
LibreOffice can import documents in the OOXML format DOCX. A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object, so the write landed...
CVE-2026-6047
CVE-2026-6047 : LibreOffice is affected during OOXML (DOCX) import of a text box element. The issue is a heap buffer overflow that occurs when replaying deferred parser events; a handler object may be written using a layout for a larger type, causing writes past the allocation end. The root cause...
PT-2026-49265
LibreOffice can import documents in the OOXML format DOCX. A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object, so the write landed...
CVE-2026-4388 Form Maker by 10Web <= 1.15.40 - Unauthenticated Stored Cross-Site Scripting via Matrix Field Text Box
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Matrix field Text Box input type in form submissions in all versions up to, and including, 1.15.40. This is due to insufficient input sanitization sanitizetextfield strips tags but not quotes and...
CVE-2026-4388
CVE-2026-4388 affects the WordPress plugin “Form Maker by 10Web.” A stored XSS exists in the Matrix field (Text Box input) across all versions up to 1.15.40. Root cause: insufficient input sanitization (sanitize_text_field strips tags but not quotes) and missing output escaping when rendering sub...
CVE-2026-4388 Form Maker by 10Web <= 1.15.40 - Unauthenticated Stored Cross-Site Scripting via Matrix Field Text Box
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Matrix field Text Box input type in form submissions in all versions up to, and including, 1.15.40. This is due to insufficient input sanitization sanitizetextfield strips tags but not quotes and...
CVE-2021-47818
DupTerminator 1.4.5639.37199 contains a denial of service vulnerability that allows attackers to crash the application by inputting a long character string in the Excluded text box. Attackers can generate a payload of 8000 repeated characters to trigger the application to stop working on Windows ...
CVE-2021-47818
CVE-2021-47818 affects DupTerminator 1.4.5639.37199. The issue is a denial-of-service where inputting a long string into the Excluded text box can crash the application on Windows 10; a payload of 8000 repeated characters is cited as triggering the stop. The vulnerable component is the text-input...
CVE-2021-47818 DupTerminator 1.4.5639.37199 - Denial of Service
DupTerminator 1.4.5639.37199 contains a denial of service vulnerability that allows attackers to crash the application by inputting a long character string in the Excluded text box. Attackers can generate a payload of 8000 repeated characters to trigger the application to stop working on Windows ...
PT-2026-3275
DupTerminator 1.4.5639.37199 contains a denial of service vulnerability that allows attackers to crash the application by inputting a long character string in the Excluded text box. Attackers can generate a payload of 8000 repeated characters to trigger the application to stop working on Windows ...
DupTerminator security vulnerability
DupTerminator is a file cleanup tool developed by Dmitry Borisov. Version 1.4.5639.37199 of DupTerminator contains a security vulnerability, which stems from a buffer overflow in the Excluded text box, potentially leading to a denial-of-service attack...
EUVD-2021-21882
Malware in sbrugna...
EUVD-2019-5878
Malware in sbrugna...
EUVD-2022-6603
Malicious code in bioql PyPI...
EUVD-2025-4019
Malicious code in bioql PyPI...
EUVD-2024-35510
Malicious code in bioql PyPI...
EUVD-2022-31944
Malicious code in bioql PyPI...