1143 matches found
RockyLinux 9 : libreoffice (RLSA-2026:36832)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:36832 advisory. libreoffice: LibreOffice Calc: Arbitrary code execution via heap buffer overflow in formula compilation CVE-2026-8357 Tenable has extracted the preceding...
OpenPLC v3
ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an authenticated attacker to write arbitrary files to the filesystem and escalate this into arbitrary native code execution through the normal OpenPLC program compilation process, potentially resulting in code execution...
libreoffice: LibreOffice Calc: Arbitrary code execution via heap buffer overflow in formula compilation
A vulnerability has been identified in LibreOffice Calc. An application crash may occur if a user opens a malicious spreadsheet that contains excessively long formulas. Successful exploitation of this vulnerability could result in a denial of service or potentially lead to arbitrary code executio...
RLSA-2026:35839 Important: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
libreoffice security update
An update is available for libreoffice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...
Important: Red Hat Security Advisory: libreoffice security update
An update for libreoffice is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
ALSA-2026:35839 Important: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
RHEL 8 : libreoffice (RHSA-2026:35839)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:35839 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...
MAL-2026-6539 Malicious code in db-query-log (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4928f7d380b79104d997e7666603726873158508c38d2c75a90c7529dd196be3 The package presents itself as a database query helper but index.js defines a method queryDBConnect that base64-decodes a hardcoded URL pointing to...
CVE-2026-21734
The CVE-2026-21734 reports an out-of-bounds write in the GPU shader compiler library triggered by loading a web page containing unusual GPU shader code. The vulnerability affects the GPU shader compiler process and can lead to a segmentation fault or write-out-of-bounds in the shader compiler, wi...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A memory leak was fixed in amdgpurasinit. When amdgpunbiorasswinit fails in amdgpurasinit, the function returns directly without freeing the allocated con structure, resulting in a memory leak. This issue was fixed by...
Updated perl packages fix security vulnerabilities
Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. CVE-2026-8376...
Linux Distros Unpatched Vulnerability : CVE-2026-12299
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and...
CVE-2026-8357
LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening tokens. The array that tracks nesting depth was allocated one element too small for that worst case, so such a formula wrote one element pa...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper handling of namespaced elements and attributes during template compilation and sanitization. An attacker can execute arbitrary JavaScript in the user's browser by injecting specially crafted templat...
CVE-2026-8357
CVE-2026-8357 affects LibreOffice Calc. A heap buffer overflow occurs when compiling very long formulas with many opening tokens: the nesting-depth tracking array was allocated too small for the worst case, causing writes past the end. In fixed versions the array is sized to hold the largest poss...
CVE-2026-8357 Heap buffer overflow in Calc formula compilation
LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening tokens. The array that tracks nesting depth was allocated one element too small for that worst case, so such a formula wrote one element pa...
CVE-2026-8357
LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening tokens. The array that tracks nesting depth was allocated one element too small for that worst case, so such a formula wrote one element pa...
CVE-2026-8357 Heap buffer overflow in Calc formula compilation
LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening tokens. The array that tracks nesting depth was allocated one element too small for that worst case, so such a formula wrote one element pa...
SUSE-SU-2026:2326-1 Security update for go1.25
This update for go1.25 fixes the following issues Update to go1.25.11 bsc1244485: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...