15 matches found
CVE-2026-2703
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::decodebase64 of the file source/detail/cryptography/base64.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to off-by-one. The attack requires local access...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error via the decodebase64 function in the Encrypted XLSX File Parser component. An attacker can cause a denial of service by executing a manipulation that triggers an off-by-one error. Remediation A fix was pushed into the...
CVE-2026-2703 xlnt-community xlnt Encrypted XLSX File base64.cpp decode_base64 off-by-one
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::decodebase64 of the file source/detail/cryptography/base64.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to off-by-one. The attack requires local access...
CVE-2026-2703
CVE-2026-2703 affects the xlnt-community xlnt project up to version 1.6.1. The vulnerability resides in the function xlnt::detail::decode_base64 (source/detail/cryptography/base64.cpp) of the Encrypted XLSX File Parser and is caused by an off-by-one flaw introduced by manipulation. The issue requ...
CVE-2026-2703 xlnt-community xlnt Encrypted XLSX File base64.cpp decode_base64 off-by-one
A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::decodebase64 of the file source/detail/cryptography/base64.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to off-by-one. The attack requires local access...
xlnt 安全漏洞
xlnt is an open-source C++ language library developed by the xlnt-community. Versions of xlnt 1.6.1 and earlier contain security vulnerabilities, which stem from a rounding error in the function xlnt::detail::decodebase64 located in the file source/detail/cryptography/base64.cpp...
Linux Distros Unpatched Vulnerability : CVE-2025-29917
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64...
SUSE CVE-2025-29917
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per...
NI Circuit Design Suite 安全漏洞
NI Circuit Design Suite is a circuit design suite from National Instruments NI that provides a complete set of tools for circuit design, simulation, verification, and layout. A security vulnerability exists in NI Circuit Design Suite version 14.3.0 and prior versions, which originates from an...
CVE-2025-29917
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per...
DEBIAN-CVE-2025-29917
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per...
UBUNTU-CVE-2025-29917
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per...
CVE-2025-29917
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64 keyword is not properly limited. Due to this, signatures using the keyword and setting can cause large memory allocations of up to 4 GiB per...
CVE-2025-29917
CVE-2025-29917 affects Suricata. The issue is in the bytes setting of the decode_base64 keyword, where values are not properly limited, allowing signatures using this keyword to cause large memory allocations (up to 4 GiB per thread). Documented impact is where memory usage can be excessive, pote...
Suricata 安全漏洞
Suricata is a network IDS, IPS and NSM engine from the Open Information Security Foundation. A security vulnerability exists in Suricata that stems from an improper setting of the decodebase64 keyword, which could lead to large memory allocations...