Astra Linux - уязвимость в libgsf

There is an integer overflow vulnerability in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf version v1.14.52. A specially crafted file can lead to an integer overflow when processing the directory from the file, allowing an out-of-bounds ind...

CVE-2026-3663

A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compounddocumentistreambuf::xsgetn of the file source/detail/cryptography/compounddocument.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read. Th...

CVE-2026-3663 xlnt-community xlnt XLSX File compound_document.cpp xsgetn out-of-bounds

A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compounddocumentistreambuf::xsgetn of the file source/detail/cryptography/compounddocument.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read. Th...

CVE-2026-3663

The CVE-2026-3663 issue affects xlnt-community xlnt up to 1.6.1, specifically the xlnt::detail::compound_document_istreambuf::xsgetn function in source/detail/cryptography/compound_document.cpp of the XLSX File Parser. A manipulation can trigger an out-of-bounds read, with local access required. ...

xlnt 缓冲区错误漏洞

xlnt is an open-source C++ language library developed by the xlnt-community. Versions of xlnt 1.6.1 and earlier contain a buffer error vulnerability. This vulnerability stems from incorrect operations on the function xsgetn in the file source/detail/cryptography/compounddocument.cpp, which may le...

PT-2026-23860

A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compound document::read directory of the file source/detail/cryptography/compound document.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to out-of-bounds...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the xlnt::detail::binarywriter::append function in the Compound Document Parser process. An attacker can cause a heap-based buffer overflow by providing specially crafted input to this function during loca...

CVE-2026-3463

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

CVE-2026-3463 xlnt-community xlnt Compound Document binary.hpp append heap-based overflow

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

xlnt 安全漏洞

xlnt is an open-source C++ language library developed by the xlnt-community. Versions of xlnt 1.6.1 and earlier contain security vulnerabilities. These vulnerabilities stem from a buffer overflow vulnerability in the function xlnt::detail::binarywriter::append located in the...

PT-2026-22730

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binary writer::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

EUVD-2009-3901

Malware in sbrugna...

EUVD-2009-1512

Malware in sbrugna...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libgsf (UTSA-2025-658553)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-658553 advisory. An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library libgsf. A...

EUVD-2024-36111

Malicious code in bioql PyPI...

Ubuntu: Security Advisory (USN-7062-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7062-2: libgsf vulnerabilities

USN-7062-1 fixed vulnerabilities in libgsf. This update provides the corresponding updates for Ubuntu 24.10. Original advisory details: It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially...

USN-7062-2 libgsf vulnerabilities

USN-7062-1 fixed vulnerabilities in libgsf. This update provides the corresponding updates for Ubuntu 24.10. Original advisory details: It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially...

USN-7062-1: libgsf vulnerabilities

It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary code...

CVE-2024-36474

An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf. A specially crafted file can result in an integer overflow when processing the directory from the file, allowing an out-of-bounds index to be used whe...