Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

Malicious code in jsii-calc-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ca8b3646065a7003a827368b4c1ece0f6ab69346c13662e971a5cc0c223f6f13 The OpenSSF Package Analysis project identified 'jsii-calc-base' @ 0.0.1 npm as malicious. It is considered malicious because: - The package...

MAL-2023-8501 Malicious code in jsii-calc-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ca8b3646065a7003a827368b4c1ece0f6ab69346c13662e971a5cc0c223f6f13 The OpenSSF Package Analysis project identified 'jsii-calc-base' @ 0.0.1 npm as malicious. It is considered malicious because: - The package...

Moderate: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

ALSA-2023:6508 Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

CVE-2023-36273

LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bitcalcCRC at bits.c...

CVE-2023-0950 Array Index UnderFlow in Calc Formula Parsing

Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet...

OpenSIPS 安全漏洞

OpenSIPS is a GPL-licensed SIP server implementation by the OpenSIPS Individual Developer. A security vulnerability exists in OpenSIPS version 3.2 and earlier versions, which stems from a segmentation error triggered by sending an incorrectly formatted "Via" header in a call to the "calctagsuffix...

SUSE CVE-2014-3524

Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet...

SUSE CVE-2019-14492

An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service...

SUSE CVE-2019-19010

Eval injection in the Math plugin of Limnoria before 2019.11.09 and Supybot through 2018-05-09 allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands...

NetChess 2.1 Buffer Overflow Exploit

Exploit Title: NetChess2.1 Buffer Overflow SEH Exploit Author: Ugur Eminli Vendor Homepage: https://sourceforge.net/projects/avmnetchess/ Software Link: https://sourceforge.net/projects/avmnetchess/ Version: 2.1 Tested on: WinXP SP2 Build 2600 !/usr/bin/perl my $file= "exploit.pgn"; my $junk=...

NetChess 2.1 Buffer Overflow

Exploit Title: NetChess2.1 Buffer Overflow SEH Date: 8/1/2022 Exploit Author: Ugur Eminli Vendor Homepage: https://sourceforge.net/projects/avmnetchess/ Software Link: https://sourceforge.net/projects/avmnetchess/ Version: 2.1 Tested on: WinXP SP2 Build 2600 !/usr/bin/perl my $file= "exploit.pgn"...

Consensys: CSV Injection at https://assets-paris-demo.codefi.network/

Summary: Hi consensys Security Team. I have found CSV Injection when generate report at https://assets-paris-demo.codefi.network/ CSV Injection, also known as Formula Injection, occurs when websites embed untrusted input inside CSV files. When a spreadsheet program such as Microsoft Excel or...

LibreOffice 参数注入漏洞

LibreOffice is an open source office software suite from The Document Foundation tdf. The product includes the Writer text documents, Calc spreadsheets and Impress presentations applications. A security vulnerability exists in The Document Foundation LibreOffice versions 7.3 through 7.3.6 and 7.4...

PT-2022-34201 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.211 Description: The issue is related to the i740 calc vclk function in the i740fb module of the Linux Kernel. The problem arises from the lack of proper validation of the argument passed to this function...

umair-calc (>=1.0.0 <=1.3.0), umair-calculatorapp (>=1.0.0 <=1.3.0) potentially affected by unknown CVE via isntall (=0.0.1-security)

isntall NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on isntall and may be impacted: - umair-calc =1.0.0, =1.0.0, =1.3.0 Source cves: unknown CVE Source advisory: OSV:MAL-2022-3964...

LibreOffice Trust Management Issue Vulnerability (CNVD-2022-54898)

LibreOffice is an open source office software suite from The Document Foundation tdf. The product includes applications such as Writer text documents, Calc spreadsheets, and Impress presentations.LibreOffice is vulnerable to a trust management issue. An attacker could use this vulnerability to...

MAL-2022-1761 Malicious code in calc-n3mo-69 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e84db72fdf7f17e95f6c96bd4c44723e28d55b4e730672111457ce47eb562e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in calc-n3mo-69 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e84db72fdf7f17e95f6c96bd4c44723e28d55b4e730672111457ce47eb562e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...