CVE-2026-26824

A flaw was found in libxls. This vulnerability, a use of uninitialized memory, occurs in the OLE container parser when processing a specially crafted XLS file. An attacker could exploit this by providing a malicious XLS file, which may lead to application crashes or the potential disclosure of...

DEBIAN-CVE-2023-38854

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcodelatin1toutf8 function in xlstool.c:296...

CVE-2023-38851

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xlsparseWorkBook function in xls.c:1018...

PT-2023-26635 · Libxls +1 · Libxls +1

Name of the Vulnerable Software and Affected Versions: libxlsv version 1.6.2 Description: A Buffer Overflow issue allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode latin1 to utf8 function in xlstool.c. Recommendations: For...

libreoffice: Remote arbitrary file disclosure vulnerability via WEBSERVICE formula

A flaw was found in libreoffice before 5.4.5 and before 6.0.1. Arbitrary remote file disclosure may be achieved by the use of the WEBSERVICE formula in a specially crafted ODS file...

UBUNTU-CVE-2017-5992

Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document...