Lucene search
K

996 matches found

Nuclei
Nuclei
added yesterday71 views

Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion

A Local File inclusion vulnerability in test.php in spreadsheet-reader 0.5.11 allows remote attackers to include arbitrary files via the File parameter. id: CVE-2023-29887 info: name: Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion author: ctflearner severity: high description: | A Local...

7.5CVSS7.1AI score0.04736EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 6 days ago4 views

libreoffice: LibreOffice Calc: Arbitrary code execution via heap buffer overflow in formula compilation

A vulnerability has been identified in LibreOffice Calc. An application crash may occur if a user opens a malicious spreadsheet that contains excessively long formulas. Successful exploitation of this vulnerability could result in a denial of service or potentially lead to arbitrary code executio...

7.8CVSS6.1AI score0.00139EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 5:38 a.m.5 views

libreoffice: LibreOffice Calc: Arbitrary code execution via heap buffer overflow in formula compilation

A vulnerability has been identified in LibreOffice Calc. An application crash may occur if a user opens a malicious spreadsheet that contains excessively long formulas. Successful exploitation of this vulnerability could result in a denial of service or potentially lead to arbitrary code executio...

7.8CVSS6.1AI score0.00139EPSS
Exploits0References5
NVD
NVD
added 2026/06/23 9:17 p.m.8 views

CVE-2026-53931

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-import endpoint axiosRequestMake could be used as a generic HTTP proxy. Before the fix it was reachable unauthenticated, and its URL-extension allowlist was a regex tested against the full URL string, s...

6.9CVSS0.00295EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 9:17 p.m.8 views

CVE-2026-53927

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-fetch endpoint axiosRequestMake accepted URLs whose path contained a permitted extension anywhere in the string, and applied a hand-rolled regex blocklist that omitted 127.0.0.0/8 and 169.254.0.0/16,...

5.1CVSS0.00282EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:5 p.m.5 views

CVE-2026-53927

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-fetch endpoint axiosRequestMake accepted URLs whose path contained a permitted extension anywhere in the string, and applied a hand-rolled regex blocklist that omitted 127.0.0.0/8 and 169.254.0.0/16,...

5.1CVSS5.8AI score0.00282EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/23 8:5 p.m.17 views

CVE-2026-53927

CVE-2026-53927 affects NocoDB's spreadsheet-fetch endpoint (axiosRequestMake), where URLs with a permitted extension anywhere in the path could bypass the initial blocklist of 127.0.0.0/8 and 169.254.0.0/16 and reach the cloud-metadata endpoint. The issue allowed authenticated editors to access i...

5.1CVSS5.8AI score0.00282EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 8:5 p.m.29 views

CVE-2026-53927 NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-fetch endpoint axiosRequestMake accepted URLs whose path contained a permitted extension anywhere in the string, and applied a hand-rolled regex blocklist that omitted 127.0.0.0/8 and 169.254.0.0/16,...

5.1CVSS0.00282EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 7:41 p.m.26 views

CVE-2026-53931 NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-import endpoint axiosRequestMake could be used as a generic HTTP proxy. Before the fix it was reachable unauthenticated, and its URL-extension allowlist was a regex tested against the full URL string, s...

6.9CVSS0.00295EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 7:41 p.m.16 views

CVE-2026-53931

NocoDB: Server-Side Request Forgery via the spreadsheet-import endpoint (axiosRequestMake) allowed unauthenticated use as a generic HTTP proxy prior to 2026.05.1, enabling potentially unintended requests to internal destinations. The issue is fixed in 2026.05.1. The GHSA/OSV/PT-Security disclosur...

6.9CVSS5.9AI score0.00295EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/22 11:48 p.m.5 views

CSV Injection

Overview @actual-app/web is an Actual on the web Affected versions of this package are vulnerable to CSV Injection in the exportToCSV and exportQueryToCSV processes, where user-controlled input from fields such as Payee and Notes is passed to CSV export without neutralizing formula-triggering...

4.2CVSS5.9AI score0.00286EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/22 9:42 p.m.8 views

@actual-app/cli `--format csv` Output Vulnerable to CSV Formula Injection via Custom `escapeCsv` Helper

Summary @actual-app/cli ships a hand-rolled CSV serializer in packages/cli/src/output.ts used whenever the global --format csv option is passed whose escapeCsv helper only handles RFC 4180 delimiter/quote/newline escaping. It does not neutralize the standard CSV formula-injection prefixes =, +, -...

4.6CVSS6.1AI score0.00188EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/06/22 9:42 p.m.5 views

CSV Injection

Overview Affected versions of this package are vulnerable to CSV Injection via the escapeCsv function, which fails to neutralize formula-triggering prefixes in user-controlled fields when exporting data to CSV format. An attacker can cause arbitrary formula execution or data exfiltration by...

4.6CVSS6.2AI score0.00188EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/17 2:8 p.m.14 views

NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint

Summary The spreadsheet-import endpoint axiosRequestMake could be used as a generic HTTP proxy. Before the fix it was reachable unauthenticated, and its URL-extension allowlist was a regex tested against the full URL string, so URLs whose query string ended in .csv for example...

6.9CVSS5.3AI score0.00295EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/17 2:8 p.m.4 views

NPM: NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint

NPM: NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

6.9CVSS5.8AI score0.00295EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2026/06/17 2:6 p.m.7 views

NPM: NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL

NPM: NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL vulnerability discovered by ? in WordPress Npm nocodb versions = 0.301.3...

5.1CVSS5.8AI score0.00282EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/17 2:6 p.m.13 views

NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL

Summary The spreadsheet-fetch endpoint axiosRequestMake accepted URLs whose path contained a permitted extension anywhere in the string, and applied a hand-rolled regex blocklist that omitted 127.0.0.0/8 and 169.254.0.0/16, allowing the cloud-metadata endpoint to be reached with a crafted URL...

5.1CVSS5.3AI score0.00282EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/15 4:24 p.m.9 views

CVE-2026-8358

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

6.9CVSS5.5AI score0.00171EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/15 4:23 p.m.8 views

CVE-2026-8357

LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening tokens. The array that tracks nesting depth was allocated one element too small for that worst case, so such a formula wrote one element pa...

7.8CVSS5.6AI score0.00139EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/10 1:55 p.m.9 views

CVE-2026-53474 Migration-planner: second-order sql injection via rvtools upload

A flaw was found in migration-planner. A remote authenticated attacker could exploit this vulnerability by uploading a specially crafted RVTools .xlsx file. Due to improper input sanitization, malicious SQL embedded within a spreadsheet cell is executed when cluster names are processed. This SQL...

9.6CVSS5.8AI score0.00298EPSS
Exploits0References3
Rows per page
Query Builder