Every CVE whose affected-product data names Libxls Project Libxls, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2018-20452 — CVSS 8.8 (high): The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service (application…
CVE-2017-12108 — CVSS 8.8 (high): An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULBLANK record. A…
CVE-2017-12110 — CVSS 8.8 (high): An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause…
CVE-2017-12111 — CVSS 8.8 (high): An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula…
CVE-2017-2910 — CVSS 8.8 (high): An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0. A specially crafted xls file can cause a…
CVE-2017-12109 — CVSS 8.8 (high): An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULRK record. A…
CVE-2017-2919 — CVSS 7.8 (high): An exploitable stack based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4. A specially crafted XLS file…
CVE-2017-2896 — CVSS 7.8 (high): An exploitable out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls 1.4. . A specially crafted XLS file can…
CVE-2017-2897 — CVSS 7.8 (high): An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4. A specially crafted XLS file can cause a…
CVE-2023-38856 — CVSS 6.5 (medium): Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a…
CVE-2018-20450 — CVSS 6.5 (medium): The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash)…
CVE-2021-27836 — CVSS 6.5 (medium): An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a…
CVE-2023-38851 — CVSS 6.5 (medium): Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a…
CVE-2023-38852 — CVSS 6.5 (medium): Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a…
CVE-2023-38853 — CVSS 6.5 (medium): Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a…
CVE-2023-38854 — CVSS 6.5 (medium): Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a…
CVE-2023-38855 — CVSS 6.5 (medium): Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a…
CVE-2026-26824 — CVSS 6.5 (medium): libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the…
CVE-2020-27819 — CVSS 5.5 (medium): An issue was discovered in libxls before and including 1.6.1 when reading Microsoft Excel files. A NULL pointer dereference vulnerability…
CVE-2026-26825 — CVSS 5.3 (medium): A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via…