9 matches found
CVE-2026-59161 Excelize: Streaming GetRows row-bound bypass causes attacker-controlled allocation
Excelize is a Go language library for reading and writing Microsoft Excel spreadsheets. Prior to 2.11.0, the streaming worksheet reader used by Rows and GetRows does not enforce the TotalRows limit on the row r attribute, allowing a small XLSX file with a row number above 1048576 and no cell...
EUVD-2016-1402
Malware in sbrugna...
EUVD-2023-50892
Malicious code in bioql PyPI...
CVE-2024-22098
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free...
CVE-2024-27217
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free...
CVE-2024-54030
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through use after free...
PT-2025-16235
Name of the Vulnerable Software and Affected Versions libsoup affected versions not specified Description A use-after-free type vulnerability was found in libsoup, in the soup message headers get content disposition function. This flaw allows a malicious HTTP client to cause memory corruption in...
CVE-2024-3759
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after free...
MGASA-2015-0383 Updated rpcbind packages fix CVE-2015-7236
Updated rpcbind package fixes security vulnerability: A remotely triggerable use-after-free vulnerability was found in rpcbind, a server that converts RPC program numbers into universal addresses. A remote attacker can take advantage of this flaw to mount a denial of service rpcbind crash...