Vulnerabilities > Libxls Project > Libxls > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-15 | CVE-2023-38851 | Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2 Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018. | 6.5 |
| 2023-08-15 | CVE-2023-38852 | Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2 Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266. | 6.5 |
| 2023-08-15 | CVE-2023-38853 | Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2 Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015. | 6.5 |
| 2023-08-15 | CVE-2023-38854 | Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2 Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296. | 6.5 |
| 2023-08-15 | CVE-2023-38855 | Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2 Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395. | 6.5 |
| 2023-08-15 | CVE-2023-38856 | Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2 Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411. | 6.5 |
| 2021-11-03 | CVE-2021-27836 | NULL Pointer Dereference vulnerability in multiple products An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file. | 6.5 |
| 2021-02-23 | CVE-2020-27819 | Unspecified vulnerability in Libxls Project Libxls An issue was discovered in libxls before and including 1.6.1 when reading Microsoft Excel files. | 5.5 |
| 2018-12-25 | CVE-2018-20450 | Double Free vulnerability in Libxls Project Libxls 1.4.0 The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-2897. | 6.5 |