85 matches found
CVE-2026-8356
LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the file, but the write position was not reset between the two passes over the record, so a file whose...
CVE-2026-8356 Stack buffer overflow in PPT presentation import
LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the file, but the write position was not reset between the two passes over the record, so a file whose...
EUVD-2026-36738
LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the file, but the write position was not reset between the two passes over the record, so a file whose...
PT-2026-49266
LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size colour tables were filled from the file, but the write position was not reset between the two passes over the record, so a file whose...
Linux Distros Unpatched Vulnerability : CVE-2026-8356
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibreOffice can import presentations in the legacy binary PPT format. A stack buffer overflow existed when importing a colour-replacement record. Two fixed-size...
📄 PKP-WAL 3.5.0-1 baseColour LESS Code Injection
PKP-WAL versions 3.5.0-1 and below suffer from a LESS baseColour related code injection vulnerability. ----------------------------------------------------------------- PKP-WAL = 3.5.0-1 baseColour LESS Code Injection Vulnerability -----------------------------------------------------------------...
Malicious code in coloured_vulture_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce19313f17081199d17ace3ce27de8df4bd2b3222d271eb579418501d31a8a18 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2017-6688
Malware in sbrugna...
EUVD-2010-1194
Malware in sbrugna...
EUVD-2018-5338
Malware in sbrugna...
CVE-2025-10235
A flaw has been found in Scada-LTS up to 2.7.8.1. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes cross site scripting. The attack may be initiated remotely. The exploit has been published and ma...
CVE-2025-10235
A flaw has been found in Scada-LTS up to 2.7.8.1. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes cross site scripting. The attack may be initiated remotely. The exploit has been published and ma...
CVE-2025-10235
A flaw has been found in Scada-LTS up to 2.7.8.1. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes cross site scripting. The attack may be initiated remotely. The exploit has been published and ma...
CVE-2025-10235
CVE-2025-10235 affects Scada-LTS up to 2.7.8.1 in the Reports Module, via manipulation of the Colour argument in /reports.shtm that enables cross-site scripting. The attack can be initiated remotely and an exploit has been published. Remediation per sources: upgrade to Scada-LTS 2.7.8.2 or later;...
CVE-2025-10235 Scada-LTS Reports reports.shtm cross site scripting
A flaw has been found in Scada-LTS up to 2.7.8.1. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes cross site scripting. The attack may be initiated remotely. The exploit has been published and ma...
PT-2025-37107
Name of the Vulnerable Software and Affected Versions: Scada-LTS versions prior to 2.7.8.2 Description: A flaw exists in Scada-LTS’s Reports Module due to cross-site scripting. The issue stems from unknown processing of the file /reports.shtm and manipulation of the Colour argument. This...
Scada-LTS 代码注入漏洞
Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A code injection vulnerability exists in Scada-LTS version 2.7.8.1 and earlier, which stems from an incorrect manipulation of the parameter Colour in the file /reports.shtm, and could lead to a cross-site...
Malicious code in colour-name (npm)
The package colour-name was found to contain malicious code...
Malicious code in colour-string (npm)
The package colour-string was found to contain malicious code...
MAL-2025-17300 Malicious code in colour-name (npm)
The package colour-name was found to contain malicious code...