124 matches found
CVE-2026-26824
A flaw was found in libxls. This vulnerability, a use of uninitialized memory, occurs in the OLE container parser when processing a specially crafted XLS file. An attacker could exploit this by providing a malicious XLS file, which may lead to application crashes or the potential disclosure of...
CVE-2026-6846
A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF Extended Common Object File Format object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code execution,...
CVE-2026-26162
Access of resource using incompatible type 'type confusion' in Windows OLE allows an authorized attacker to elevate privileges locally...
CVE-2026-26162 Windows OLE Elevation of Privilege Vulnerability
...
Windows OLE Elevation of Privilege Vulnerability
Access of resource using incompatible type 'type confusion' in Windows OLE allows an authorized attacker to elevate privileges locally...
The Bug Report - January 2026 Edition
The Bug Report – January 2026 Edition By Jonathan Omakun · February 12, 2026 Why am I here? Welcome back to The Bug Report, the post-holiday edition, where we realize that while our resolutions to "go to the gym" have already failed, hackers’ resolutions to "break everything" are going strong. Fo...
CLEANSTART-2026-LA13761 vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device
Multiple security vulnerabilities affect the clamav package. A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. See references for individual vulnerability details...
Microsoft Office zero-day lets malicious documents slip past security checks
Microsoft issued an emergency patch for a high-severity zero-day vulnerability in Office that allows attackers to bypass document security checks and is being exploited in the wild via malicious files. Microsoft pushed the emergency patch for the zero‑day, tracked as CVE-2026-21509, and classifie...
CVE-2025-65117
The vulnerability, if exploited, could allow an authenticated miscreant Process Optimization Designer User to embed OLE objects into graphics, and escalate their privileges to the identity of a victim user who subsequently interacts with the graphical elements...
CVE-2025-65117
The CVE-2025-65117 entry concerns AVEVA Process Optimization: an authenticated Process Optimization Designer User can embed OLE objects into graphics, potentially escalating privileges to a victim user after interaction with the graphics. Core details indicate local access with low attack complex...
CVE-2025-64402
Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "OLE objects" linked to...
CVE-2025-60714
Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally...
EUVD-2025-93416
Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally...
CVE-2025-60714 Windows OLE Remote Code Execution Vulnerability
...
CVE-2025-60714 Windows OLE Remote Code Execution Vulnerability
...
Microsoft Windows 安全漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows OLE. An attacker exploiting this vulnerability could execute code. The following products and editions are affected:Windows 10 Version...
PT-2025-46475
Name of the Vulnerable Software and Affected Versions Windows OLE affected versions not specified Description A heap-based buffer overflow exists in Windows OLE. This flaw could allow an unauthorized attacker to execute code locally. Recommendations At the moment, there is no information about a...
EUVD-2013-2564
Malware in sbrugna...
[SECURITY] [DLA 4292-1] clamav security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4292-1 [email protected] https://www.debian.org/lts/security/ Lucas Kanashiro September 04, 2025 https://wiki.debian.org/LTS -...
CLSA-2025-1756409595 clamav: Fix of 4 CVEs
Update to 1.4.3 LTS - CVE-2025-20260: Fixed a possible buffer overflow write bug in the PDF file parser - CVE-2025-20234: Fixed a possible buffer overflow read bug in the UDF file parser - CVE-2025-20128: Fixed a possible buffer overflow read bug in the OLE2 file parser - CVE-2024-20506: Changed...