CVE-2025-31978 HCL BigFix Service Management (SM) does not adequately sanitize or safely render

HCL BigFix Service Management SM does not adequately sanitize or safely render spreadsheet files CSV, XLS, XLSX before processing or distributing them. An attacker could populate data fields which, when saved to a CSV file, may attempt information exfiltration or other malicious activity when...

CIC-Trap4Phish: A Unified Multi-Format Dataset for Phishing and Quishing Attachment Detection

Phishing attacks represents one of the primary attack methods which is used by cyber attackers. In many cases, attackers use deceptive emails along with malicious attachments to trick users into giving away sensitive information or installing malware while compromising entire systems. The...

Linux Distros Unpatched Vulnerability : CVE-2017-12626

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bu...

[SECURITY] [DLA 3702-1] libspreadsheet-parseexcel-perl security update

Debian LTS Advisory DLA-3702-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 31, 2023 https://wiki.debian.org/LTS Package : libspreadsheet-parseexcel-perl Version : 0.6500-1+deb10u1 CVE ID : CVE-2023-7101 Debian Bug : 1059450 Le Dinh Hai discovered that...

[SECURITY] [DSA 5592-1] libspreadsheet-parseexcel-perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5592-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 30, 2023 https://www.debian.org/security/faq -...

Cybercriminals Swarm Windows Utility Regsvr32 to Spread Malware

A Windows living-off-the-land binary LOLBin known as Regsvr32 is seeing a big uptick in abuse of late, researchers are warning, mainly spreading trojans like Lokibot and Qbot. LOLBins are legitimate, native utilities used daily in various computing environments, that cybercriminals use to evade...

PT-2021-2035 · Microsoft · Office Web Apps Server +4

Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Microsoft Office affected versions not specified Microsoft 365 Apps for Enterprise affected versions not specified Microsoft Office Web Apps Server affected versions not specified Microsoft Offi...

CVE-2020-1904

A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwriting files when sending specially crafted docx, xlsx, and pptx files as attachments to messages...

CVE-2016-10585

libxl provides Node bindings for the libxl library for reading and writing excel XLS and XLSX spreadsheets. libxl downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested zip file with an...

poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...

CVE-2017-12626

Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...

DSA-3310-1 freexl - security update

Bulletin has no description...

[SECURITY] [DSA 3208-1] freexl security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3208-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 29, 2015 http://www.debian.org/security/faq -...

CVE-2011-1274

Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel...