Lucene search
K

85 matches found

NVD
NVD
added 2026/06/15 6:16 p.m.15 views

CVE-2026-8356

LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the file, but the write position was not reset between the two passes over the record, so a file whose...

6.9CVSS0.0012EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 4:23 p.m.5 views

CVE-2026-8356 Stack buffer overflow in PPT presentation import

LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the file, but the write position was not reset between the two passes over the record, so a file whose...

6.9CVSS5.7AI score0.0012EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 4:23 p.m.11 views

EUVD-2026-36738

LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the file, but the write position was not reset between the two passes over the record, so a file whose...

6.9CVSS5.7AI score0.0012EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.12 views

PT-2026-49266

LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the file, but the write position was not reset between the two passes over the record, so a file whose...

6.9CVSS5.7AI score0.0012EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-8356

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size...

6.9CVSS6.2AI score0.0012EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.189 views

📄 PKP-WAL 3.5.0-1 baseColour LESS Code Injection

PKP-WAL versions 3.5.0-1 and below suffer from a LESS baseColour related code injection vulnerability. ----------------------------------------------------------------- PKP-WAL = 3.5.0-1 baseColour LESS Code Injection Vulnerability -----------------------------------------------------------------...

7.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/10 5:21 p.m.3 views

Malicious code in coloured_vulture_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce19313f17081199d17ace3ce27de8df4bd2b3222d271eb579418501d31a8a18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-6688

Malware in sbrugna...

7.5CVSS7.6AI score0.02139EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2010-1194

Malware in sbrugna...

4.3CVSS6.4AI score0.02235EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-5338

Malware in sbrugna...

6.1CVSS6.1AI score0.01008EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/13 1:18 a.m.5 views

CVE-2025-10235

A flaw has been found in Scada-LTS up to 2.7.8.1. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes cross site scripting. The attack may be initiated remotely. The exploit has been published and ma...

4.8CVSS5.4AI score0.0028EPSS
Exploits1References1
NVD
NVD
added 2025/09/11 1:15 a.m.9 views

CVE-2025-10235

A flaw has been found in Scada-LTS up to 2.7.8.1. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes cross site scripting. The attack may be initiated remotely. The exploit has been published and ma...

4.8CVSS0.0028EPSS
Exploits1References4
OSV
OSV
added 2025/09/11 1:15 a.m.2 views

CVE-2025-10235

A flaw has been found in Scada-LTS up to 2.7.8.1. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes cross site scripting. The attack may be initiated remotely. The exploit has been published and ma...

4.8CVSS5.5AI score
Exploits0References4
CVE
CVE
added 2025/09/11 12:32 a.m.17 views

CVE-2025-10235

CVE-2025-10235 affects Scada-LTS up to 2.7.8.1 in the Reports Module, via manipulation of the Colour argument in /reports.shtm that enables cross-site scripting. The attack can be initiated remotely and an exploit has been published. Remediation per sources: upgrade to Scada-LTS 2.7.8.2 or later;...

4.8CVSS2.9AI score0.0028EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/09/11 12:32 a.m.3 views

CVE-2025-10235 Scada-LTS Reports reports.shtm cross site scripting

A flaw has been found in Scada-LTS up to 2.7.8.1. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes cross site scripting. The attack may be initiated remotely. The exploit has been published and ma...

4.8CVSS5.2AI score0.0028EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.6 views

PT-2025-37107

Name of the Vulnerable Software and Affected Versions: Scada-LTS versions prior to 2.7.8.2 Description: A flaw exists in Scada-LTS’s Reports Module due to cross-site scripting. The issue stems from unknown processing of the file /reports.shtm and manipulation of the Colour argument. This...

4.8CVSS3AI score0.0028EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/09/11 12:0 a.m.3 views

Scada-LTS 代码注入漏洞

Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A code injection vulnerability exists in Scada-LTS version 2.7.8.1 and earlier, which stems from an incorrect manipulation of the parameter Colour in the file /reports.shtm, and could lead to a cross-site...

4.8CVSS4.1AI score0.0028EPSS
Exploits1References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in colour-name (npm)

The package colour-name was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in colour-string (npm)

The package colour-string was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-17300 Malicious code in colour-name (npm)

The package colour-name was found to contain malicious code...

7.2AI score
Exploits0
Rows per page
Query Builder