Every CVE whose affected-product data names Fossies Catdoc, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-52035 — CVSS 8.4 (high): An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted…
CVE-2024-54028 — CVSS 8.4 (high): An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file…
CVE-2017-11110 — CVSS 7.8 (high): The ole_init function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service (heap-based buffer underflow and…
CVE-2023-31979 — CVSS 7.8 (high): Catdoc v0.95 was discovered to contain a global buffer overflow via the function process_file at /src/reader.c.
CVE-2023-46345 — CVSS 7.5 (high): Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/xlsparse.c.
CVE-2023-41633 — CVSS 5.5 (medium): Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.