Vulnerabilities > Libxls Project > Libxls > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-15 | CVE-2023-38851 | Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2 Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018. | 6.5 |
| 2023-08-15 | CVE-2023-38852 | Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2 Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266. | 6.5 |
| 2023-08-15 | CVE-2023-38853 | Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2 Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015. | 6.5 |
| 2023-08-15 | CVE-2023-38854 | Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2 Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296. | 6.5 |
| 2023-08-15 | CVE-2023-38855 | Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2 Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395. | 6.5 |
| 2023-08-15 | CVE-2023-38856 | Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2 Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411. | 6.5 |
| 2021-11-03 | CVE-2021-27836 | NULL Pointer Dereference vulnerability in multiple products An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file. | 6.5 |
| 2021-02-23 | CVE-2020-27819 | NULL Pointer Dereference vulnerability in Libxls Project Libxls An issue was discovered in libxls before and including 1.6.1 when reading Microsoft Excel files. | 4.3 |
| 2020-12-02 | CVE-2017-2910 | Out-of-bounds Write vulnerability in Libxls Project Libxls 2.0.0 An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0. | 6.8 |
| 2018-12-25 | CVE-2018-20452 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libxls Project Libxls 1.4.0 The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, because of inconsistent memory management (new versus free) in ole2_read_header in ole.c. | 6.8 |