Vulnerabilities > Libxls Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-15 CVE-2023-38851 Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018.
network
low complexity
libxls-project CWE-787
6.5
2023-08-15 CVE-2023-38852 Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266.
network
low complexity
libxls-project CWE-787
6.5
2023-08-15 CVE-2023-38853 Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015.
network
low complexity
libxls-project CWE-787
6.5
2023-08-15 CVE-2023-38854 Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296.
network
low complexity
libxls-project CWE-787
6.5
2023-08-15 CVE-2023-38855 Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395.
network
low complexity
libxls-project CWE-787
6.5
2023-08-15 CVE-2023-38856 Out-of-bounds Write vulnerability in Libxls Project Libxls 1.6.2
Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411.
network
low complexity
libxls-project CWE-787
6.5
2021-11-03 CVE-2021-27836 NULL Pointer Dereference vulnerability in multiple products
An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file.
network
low complexity
libxls-project fedoraproject CWE-476
6.5
2021-02-23 CVE-2020-27819 NULL Pointer Dereference vulnerability in Libxls Project Libxls
An issue was discovered in libxls before and including 1.6.1 when reading Microsoft Excel files.
4.3
2020-12-02 CVE-2017-2910 Out-of-bounds Write vulnerability in Libxls Project Libxls 2.0.0
An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0.
6.8
2018-12-25 CVE-2018-20452 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libxls Project Libxls 1.4.0
The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, because of inconsistent memory management (new versus free) in ole2_read_header in ole.c.
6.8