CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Github Security Blog•added 2025/04/17 6:31 p.m.•7 views

Pycel allows code injection via a crafted formula

Pycel through 1.0b30, when operating on an untrusted spreadsheet, allows code execution via a crafted formula in a cell, such as one beginning with the =IFA1=200, eval"import'os'.system substring...

9.8CVSS7.3AI score0.00937EPSS

Exploits2References7Affected Software1

OSV•added 2025/04/17 6:31 p.m.•6 views

GHSA-PW67-XJHQ-389W Pycel allows code injection via a crafted formula

Pycel through 1.0b30, when operating on an untrusted spreadsheet, allows code execution via a crafted formula in a cell, such as one beginning with the =IFA1=200, eval"import'os'.system substring...

9.3CVSS7.2AI score0.00937EPSS

Exploits2References6

NVD•added 2025/04/17 6:15 p.m.•8 views

CVE-2024-53924

Pycel through 1.0b30, when operating on an untrusted spreadsheet, allows code execution via a crafted formula in a cell, such as one beginning with the =IFA1=200, eval"import'os'.system substring...

9.8CVSS0.00937EPSS

Exploits2References4

OSV•added 2025/04/17 6:15 p.m.•3 views

PYSEC-2025-177

Pycel through 1.0b30, when operating on an untrusted spreadsheet, allows code execution via a crafted formula in a cell, such as one beginning with the =IFA1=200, eval"import'os'.system substring...

9.8CVSS6.2AI score0.00937EPSS

Exploits2References4

CVE•added 2025/04/17 12:0 a.m.•73 views

CVE-2024-53924

CVE-2024-53924 affects Pycel up to version 1.0b30. A vulnerability in evaluating Excel-like formulas allows arbitrary code execution when processing untrusted spreadsheets (example: crafted formulas such as using eval). Impact: potential code execution within Pycel’s formula evaluation path. Affe...

9.8CVSS7.1AI score0.00937EPSS

Exploits2References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by