Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

NVD
NVDadded 2026/05/15 10:16 p.m.9 views

CVE-2026-44549

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, Excel file attachments are previewed in an unsafe way. A crafted XLSX file payload can be used to cause the sheetjs function sheettohtml to embed an XSS payload into the generated...

8.7CVSS0.00012EPSS
Exploits1References1
Snyk
Snykadded 2026/05/08 10:26 p.m.6 views

Cross-site Scripting (XSS)

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Cross-site Scripting XSS in the process that previews Excel file attachments using the sheettohtml function. An attacker can execute arbitrary scripts in the context of the victim's browser by uploading a...

8.7CVSS5.8AI score0.00012EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2015-2844

Malware in sbrugna...

6.8CVSS6.1AI score0.02149EPSS
Exploits0References9
SUSE CVE
SUSE CVEadded 2023/02/15 5:20 a.m.1 views

SUSE CVE-2015-2753

FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption or possibly execute arbitrary code via a crafted sector in a workbook...

6.8CVSS8AI score0.01918EPSS
Exploits0References4
SUSE CVE
SUSE CVEadded 2023/02/15 5:20 a.m.1 views

SUSE CVE-2015-2754

FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."...

6.8CVSS7.8AI score0.02149EPSS
Exploits0References4
CNNVD
CNNVDadded 2021/07/19 12:0 a.m.2 views

SheetJS Pro 资源管理错误漏洞

SheetJS Pro is open source a spreadsheet data parser and writer. Create beautiful reports . Faster import and export. Preview grids, images and PDFs. A security vulnerability exists in SheetJS Pro version 0.16.9 and prior versions, which can be exploited by an attacker to cause a denial of servic...

5.5CVSS6.4AI score0.00212EPSS
Exploits0References6
NVD
NVDadded 2015/03/31 2:59 p.m.16 views

CVE-2015-2754

FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."...

6.8CVSS7.5AI score0.02149EPSS
Exploits0References6
OSV
OSVadded 2015/03/31 2:59 p.m.1 views

DEBIAN-CVE-2015-2754

FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."...

6.8CVSS7.8AI score0.02149EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2015/03/31 2:59 p.m.18 views

CVE-2015-2754

FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."...

6.8CVSS6.2AI score0.02149EPSS
Exploits0References2
OSV
OSVadded 2015/03/31 2:59 p.m.1 views

UBUNTU-CVE-2015-2754

FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."...

6.8CVSS6.2AI score0.02149EPSS
Exploits0References3
Cvelist
Cvelistadded 2015/03/31 2:0 p.m.16 views

CVE-2015-2754

FreeXL before 1.0.0i allows remote attackers to cause a denial of service stack corruption and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."...

7.4AI score0.02149EPSS
Exploits0References6
Rows per page
Query Builder