Search
Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38856 | 1 Libxls Project | 1 Libxls | 2023-08-19 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411. | |||||
| CVE-2023-38855 | 1 Libxls Project | 1 Libxls | 2023-08-19 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395. | |||||
| CVE-2023-38851 | 1 Libxls Project | 1 Libxls | 2023-08-19 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018. | |||||
| CVE-2023-38853 | 1 Libxls Project | 1 Libxls | 2023-08-19 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015. | |||||
| CVE-2023-38854 | 1 Libxls Project | 1 Libxls | 2023-08-19 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296. | |||||
| CVE-2023-38852 | 1 Libxls Project | 1 Libxls | 2023-08-19 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266. | |||||
| CVE-2021-27836 | 2 Fedoraproject, Libxls Project | 2 Fedora, Libxls | 2021-11-26 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file. | |||||
| CVE-2020-27819 | 1 Libxls Project | 1 Libxls | 2021-02-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in libxls before and including 1.6.1 when reading Microsoft Excel files. A NULL pointer dereference vulnerability exists when parsing XLS cells in libxls/xls2csv.c:199. It could allow a remote attacker to cause a denial of service via crafted XLS file. | |||||
| CVE-2018-20450 | 1 Libxls Project | 1 Libxls | 2020-03-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-2897. | |||||