Lucene search
K

20 matches found

Snyk
Snyk
added 2026/03/07 6:45 p.m.2 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the readofficedocument function. An attacker can cause a denial of service by providing crafted XLSX files that trigger a null pointer dereference during parsing. Remediation There is no fixed version for xln...

5.5CVSS5.8AI score0.00205EPSS
Exploits1References2
Snyk
Snyk
added 2026/03/07 4:46 p.m.5 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the readdirectory function. An attacker can cause a denial of service by providing specially crafted input files that trigger an out-of-bounds read during the parsing process. Remediation A fix was pushed into the...

5.5CVSS5.8AI score0.00179EPSS
Exploits1References2
OSV
OSV
added 2026/03/07 4:15 p.m.5 views

CVE-2026-3665

A vulnerability was identified in xlnt-community xlnt up to 1.6.1. The affected element is the function xlnt::detail::xlsxconsumer::readofficedocument of the file source/detail/serialization/xlsxconsumer.cpp of the component XLSX File Parser. The manipulation leads to null pointer dereference. Th...

5.5CVSS5.3AI score
Exploits0References6
CVE
CVE
added 2026/03/07 3:32 p.m.13 views

CVE-2026-3665

The CVE-2026-3665 entry concerns the xlnt-community xlnt XLSX File Parser (up to version 1.6.1). The affected element is xlnt::detail::xlsx_consumer::read_office_document in source/detail/serialization/xlsx_consumer.cpp, where manipulation leads to a null pointer dereference. Exploitation require...

5.5CVSS5.3AI score0.00205EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2026/03/07 3:30 p.m.5 views

EUVD-2026-10156

A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compounddocument::readdirectory of the file source/detail/cryptography/compounddocument.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to out-of-bounds rea...

4.8CVSS5.4AI score0.00179EPSS
Exploits1References8
EUVD
EUVD
added 2026/03/07 3:30 p.m.9 views

EUVD-2026-10155

A vulnerability was found in xlnt-community xlnt up to 1.6.1. This issue affects the function xlnt::detail::compounddocumentistreambuf::xsgetn of the file source/detail/cryptography/compounddocument.cpp of the component XLSX File Parser. Performing a manipulation results in out-of-bounds read. Th...

4.8CVSS5.3AI score0.0017EPSS
Exploits1References8
CVE
CVE
added 2026/03/07 2:32 p.m.8 views

CVE-2026-3663

The CVE-2026-3663 issue affects xlnt-community xlnt up to 1.6.1, specifically the xlnt::detail::compound_document_istreambuf::xsgetn function in source/detail/cryptography/compound_document.cpp of the XLSX File Parser. A manipulation can trigger an out-of-bounds read, with local access required. ...

7.1CVSS5.3AI score0.0017EPSS
Exploits1References7Affected Software1
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.5 views

xlnt 缓冲区错误漏洞

xlnt is an open-source C++ language library developed by xlnt-community. Versions of xlnt-community such as xlnt 1.6.1 and earlier contained a buffer error vulnerability. This vulnerability stemmed from incorrect operations with the readdirectory function in the file...

5.5CVSS6AI score0.00179EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/03/07 12:0 a.m.7 views

xlnt 代码问题漏洞

xlnt is an open-source C++ language library developed by the xlnt-community. Versions of xlnt 1.6.1 and earlier contained code vulnerabilities. These vulnerabilities stemmed from incorrect operations on the function readofficedocument in the file source/detail/serialization/xlsxconsumer.cpp, whic...

5.5CVSS5.8AI score0.00205EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/03/04 1:44 p.m.5 views

CVE-2026-3463

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

7.8CVSS5.9AI score0.00195EPSS
Exploits1References1
Snyk
Snyk
added 2026/03/03 3:43 p.m.4 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the xlnt::detail::binarywriter::append function in the Compound Document Parser process. An attacker can cause a heap-based buffer overflow by providing specially crafted input to this function during loca...

7.8CVSS6.1AI score0.00195EPSS
Exploits1References2
NVD
NVD
added 2026/03/03 12:16 p.m.6 views

CVE-2026-3463

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

7.8CVSS0.00195EPSS
Exploits1References8
OSV
OSV
added 2026/03/03 12:16 p.m.5 views

CVE-2026-3463

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

7.8CVSS5.9AI score
Exploits0References8
Cvelist
Cvelist
added 2026/03/03 12:2 p.m.36 views

CVE-2026-3463 xlnt-community xlnt Compound Document binary.hpp append heap-based overflow

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

4.8CVSS0.00195EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2026/03/03 12:2 p.m.4 views

CVE-2026-3463

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::binarywriter::append of the file source/detail/binary.hpp of the component Compound Document Parser. This manipulation causes heap-based buffer overflow. The attack can only be executed...

7.8CVSS5.9AI score0.00195EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2026/03/03 12:2 p.m.14 views

CVE-2026-3463

CVE-2026-3463 affects xlnt-community xlnt up to 1.6.1. The vulnerability lies in xlnt::detail::binary_writer::append within source/detail/binary.hpp of the Compound Document Parser, causing a heap-based buffer overflow. Exploitation is local, and public PoCs/ exploits exist per the provided sourc...

7.8CVSS5.9AI score0.00195EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2026/02/19 7:17 a.m.6 views

CVE-2026-2703

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::decodebase64 of the file source/detail/cryptography/base64.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to off-by-one. The attack requires local access...

5.5CVSS0.00209EPSS
Exploits1References7
OSV
OSV
added 2026/02/19 7:17 a.m.3 views

CVE-2026-2703

A weakness has been identified in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::decodebase64 of the file source/detail/cryptography/base64.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to off-by-one. The attack requires local access...

5.5CVSS5.1AI score
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.10 views

PT-2026-20595

Name of the Vulnerable Software and Affected Versions xlnt versions up to 1.6.1 Description A flaw exists in the xlnt::detail::decode base64 function within the Encrypted XLSX File Parser component, specifically in the source/detail/cryptography/base64.cpp file. This can lead to an off-by-one...

4.8CVSS4.3AI score0.00209EPSS
Exploits1References10
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.6 views

xlnt 安全漏洞

xlnt is an open-source C++ language library developed by the xlnt-community. Versions of xlnt 1.6.1 and earlier contain security vulnerabilities, which stem from a rounding error in the function xlnt::detail::decodebase64 located in the file source/detail/cryptography/base64.cpp...

5.5CVSS5.8AI score0.00209EPSS
Exploits1References7
Rows per page
Query Builder