Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

352 matches found

Positive Technologies
Positive Technologiesadded 2026/05/07 12:0 a.m.6 views

PT-2026-38382

Name of the Vulnerable Software and Affected Versions Gotenberg versions 8.31.0 and earlier Description A Server-Side Request Forgery SSRF issue exists in the LibreOffice conversion endpoint "/forms/libreoffice/convert". While some SSRF hardening is present in the Go code, the application passes...

8.2CVSS5.8AI score0.00039EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2026/03/09 8:2 a.m.3 views

CVE-2026-3665

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...

5.5CVSS5.3AI score0.00027EPSS
Exploits1References1
EUVD
EUVDadded 2026/03/07 6:30 p.m.2 views

EUVD-2026-10173

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...

4.8CVSS5.3AI score0.00027EPSS
Exploits1References7
OSV
OSVadded 2026/03/07 4:15 p.m.1 views

CVE-2026-3665

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...

5.5CVSS5.3AI score
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/03/07 3:32 p.m.0 views

CVE-2026-3665 xlnt-community xlnt XLSX File xlsx_consumer.cpp read_office_document null pointer dereference

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...

4.8CVSS5.3AI score0.00027EPSS
Exploits1References6
CVE
CVEadded 2026/03/07 3:32 p.m.5 views

CVE-2026-3665

The CVE-2026-3665 entry concerns the xlnt-community xlnt XLSX File Parser (up to version 1.6.1). The affected element is xlnt::detail::xlsx_consumer::read_office_document in source/detail/serialization/xlsx_consumer.cpp, where manipulation leads to a null pointer dereference. Exploitation require...

5.5CVSS5.3AI score0.00027EPSS
Exploits1References6Affected Software1
Cvelist
Cvelistadded 2026/03/07 3:32 p.m.30 views

CVE-2026-3665 xlnt-community xlnt XLSX File xlsx_consumer.cpp read_office_document null pointer dereference

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...

4.8CVSS0.00027EPSS
Exploits1References6
RedhatCVE
RedhatCVEadded 2026/01/09 12:0 p.m.6 views

CVE-2018-19448

In Foxit Reader SDK ActiveX Professional 5.4.0.1031, an uninitialized object in IReaderContentProvider::GetDocEventHandler occurs when embedding the control into Office documents. By opening a specially crafted document, an attacker can trigger an out of bounds write condition, possibly leveragin...

7.8CVSS7.8AI score0.0036EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:27 a.m.6 views

CVE-2021-33793

Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write because the Cross-Reference table is mishandled during Office document conversion...

9.8CVSS7.2AI score0.00027EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2020-18456

Malware in sbrugna...

6.5CVSS6.8AI score0.0395EPSS
Exploits3References7
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2021-20470

Malware in sbrugna...

9.8CVSS9.2AI score0.00027EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2011-1423

Malware in sbrugna...

6.8CVSS5.5AI score0.06133EPSS
Exploits3References13
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2011-0234

Malware in sbrugna...

6.8CVSS6.1AI score0.02057EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2017-0418

Malware in sbrugna...

5.4CVSS7.3AI score0.00514EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2014-1338

Malware in sbrugna...

6.8CVSS6.2AI score0.01341EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/09/24 2:23 a.m.4 views

CVE-2025-10777

A flaw has been found in JSC R7 R7-Office Document Server up to 20250820. Impacted is an unknown function of the file /downloadas/. Executing manipulation of the argument cmd can lead to path traversal. The attack can be launched remotely. Upgrading to version 2025.3.1.923 is recommended to addre...

6.5CVSS6.5AI score0.00049EPSS
Exploits0References1
NVD
NVDadded 2025/09/22 3:15 a.m.1 views

CVE-2025-10777

A flaw has been found in JSC R7 R7-Office Document Server up to 20250820. Impacted is an unknown function of the file /downloadas/. Executing manipulation of the argument cmd can lead to path traversal. The attack can be launched remotely. Upgrading to version 2025.3.1.923 is recommended to addre...

6.5CVSS0.00049EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/09/22 2:2 a.m.6 views

CVE-2025-10777 JSC R7 R7-Office Document Server downloadas path traversal

A flaw has been found in JSC R7 R7-Office Document Server up to 20250820. Impacted is an unknown function of the file /downloadas/. Executing manipulation of the argument cmd can lead to path traversal. The attack can be launched remotely. Upgrading to version 2025.3.1.923 is recommended to addre...

6.5CVSS0.00049EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/09/22 2:2 a.m.2 views

CVE-2025-10777 JSC R7 R7-Office Document Server downloadas path traversal

A flaw has been found in JSC R7 R7-Office Document Server up to 20250820. Impacted is an unknown function of the file /downloadas/. Executing manipulation of the argument cmd can lead to path traversal. The attack can be launched remotely. Upgrading to version 2025.3.1.923 is recommended to addre...

6.5CVSS6.3AI score0.00049EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/09/22 12:0 a.m.1 views

JSC R7 R7-Office Document Server 路径遍历漏洞

JSC R7 R7-Office Document Server is an office software from the Russian company JSC R7. A path traversal vulnerability exists in JSC R7 R7-Office Document Server 20250820 and earlier versions, which stems from incorrect manipulation of the parameter cmd in the file /downloadas/, which could lead ...

6.5CVSS6.3AI score0.00049EPSS
Exploits0References3
Rows per page
Query Builder