Lucene search
K

9 matches found

OSV
OSV
added 5 days ago3 views

CVE-2026-59161 Excelize: Streaming GetRows row-bound bypass causes attacker-controlled allocation

Excelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to 2.11.0, the streaming worksheet reader used by Rows and GetRows does not enforce the TotalRows limit on the row r attribute, allowing a small XLSX file with a row number above 1048576 and no cell...

8.7CVSS6.1AI score0.00524EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2016-1402

Malware in sbrugna...

5.5CVSS6.4AI score0.01459EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-50892

Malicious code in bioql PyPI...

7.8CVSS5.1AI score0.00172EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:6 a.m.9 views

CVE-2024-22098

in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free...

8.8CVSS7.6AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:59 a.m.10 views

CVE-2024-27217

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free...

7.8CVSS7.6AI score0.00193EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:58 a.m.3 views

CVE-2024-54030

in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through use after free...

4.4CVSS6.7AI score0.00177EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-16235

Name of the Vulnerable Software and Affected Versions libsoup affected versions not specified Description A use-after-free type vulnerability was found in libsoup, in the soup message headers get content disposition function. This flaw allows a malicious HTTP client to cause memory corruption in...

9CVSS8.1AI score0.00847EPSS
Exploits0References172
NVD
NVD
added 2024/05/07 7:15 a.m.18 views

CVE-2024-3759

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after free...

7.8CVSS6.8AI score0.00199EPSS
Exploits0References1
OSV
OSV
added 2015/09/25 6:43 p.m.6 views

MGASA-2015-0383 Updated rpcbind packages fix CVE-2015-7236

Updated rpcbind package fixes security vulnerability: A remotely triggerable use-after-free vulnerability was found in rpcbind, a server that converts RPC program numbers into universal addresses. A remote attacker can take advantage of this flaw to mount a denial of service rpcbind crash...

7.5CVSS7.4AI score0.06408EPSS
Exploits0References3
Rows per page
Query Builder