Vulnerabilities > Libxls Project > Libxls > 1.6.2

DATE CVE VULNERABILITY TITLE RISK
2023-08-15 CVE-2023-38851 Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018.
network
low complexity
libxls-project CWE-787
6.5
6.5
2023-08-15 CVE-2023-38852 Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266.
network
low complexity
libxls-project CWE-787
6.5
6.5
2023-08-15 CVE-2023-38853 Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015.
network
low complexity
libxls-project CWE-787
6.5
6.5
2023-08-15 CVE-2023-38854 Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296.
network
low complexity
libxls-project CWE-787
6.5
6.5
2023-08-15 CVE-2023-38855 Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.
network
low complexity
libxls-project CWE-787
6.5
6.5
2023-08-15 CVE-2023-38856 Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.
network
low complexity
libxls-project CWE-787
6.5
6.5
2021-11-03 CVE-2021-27836 NULL Pointer Dereference vulnerability in multiple products
An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file.
network
low complexity
libxls-project fedoraproject CWE-476
6.5
6.5