Lucene search
K

973 matches found

CVE
CVE
added 2025/11/12 9:12 a.m.24 views

CVE-2025-64407

Technical details for CVE-2025-64407 are not publicly provided in the connected documents. Available sources discuss related vulnerabilities (CVE-2024-12425/12426) and Apache OpenOffice issues, but do not specify this CVE’s affected products, root cause, or fixes.

5.3CVSS5AI score0.00398EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/12 9:12 a.m.3 views

CVE-2025-64407 Apache OpenOffice: URL fetching can be used to exfiltrate arbitrary INI file values and environment variables

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. Such links could also be used to transmit system information, such as environment variable...

5AI score0.00398EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/12 9:11 a.m.6 views

CVE-2025-64406 Apache OpenOffice: Possible memory corruption during CSV import

An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas. This issue affects Apache OpenOffice: through 4.1.15. Users are recommended to upgrade to version 4.1.16, which fixes the...

0.00432EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/12 9:11 a.m.2 views

CVE-2025-64406 Apache OpenOffice: Possible memory corruption during CSV import

An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas. This issue affects Apache OpenOffice: through 4.1.15. Users are recommended to upgrade to version 4.1.16, which fixes the...

6.6AI score0.00432EPSS
Exploits0References2
CVE
CVE
added 2025/11/12 9:11 a.m.18 views

CVE-2025-64406

CVE-2025-64406 affects Apache OpenOffice up to 4.1.15. It is an out-of-bounds write vulnerability that could crash the program or corrupt memory when a crafted document is processed. Upgrading to OpenOffice 4.1.16 fixes the issue. CVSSv3.1 base score 4.3 (MEDIUM) with network attack vector, low c...

4.3CVSS6.5AI score0.00432EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2025/11/12 9:10 a.m.17 views

CVE-2025-64405

CVE-2025-64405 affects Apache OpenOffice up to version 4.1.15. The issue is a missing authorization check when handling external links, specifically in Calc spreadsheets with DDE links to external files, which could cause the external contents to be loaded without user prompt. The combined set of...

7.5CVSS6.3AI score0.01279EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/11/12 9:10 a.m.8 views

CVE-2025-64405 Apache OpenOffice: Remote documents loaded without prompt via DDE function

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, Calc spreadsheet containing DDE links to...

0.01279EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/12 9:10 a.m.3 views

CVE-2025-64405 Apache OpenOffice: Remote documents loaded without prompt via DDE function

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, Calc spreadsheet containing DDE links to...

6.3AI score0.01279EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/12 9:8 a.m.9 views

CVE-2025-64404 Apache OpenOffice: Remote documents loaded without prompt via background and bullet images

Apache OpenOffice documents can contain links to other files. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used backgrou...

0.01162EPSS
Exploits0References2
CVE
CVE
added 2025/11/12 9:8 a.m.22 views

CVE-2025-64404

CVE-2025-64404 affects Apache OpenOffice up to version 4.1.15. The issue is a missing Authorization vulnerability that allows an attacker to craft a document containing links (specifically background fill or bullet images) that would cause external files to be loaded without prompting the user. A...

7.5CVSS6.4AI score0.01162EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/12 9:8 a.m.2 views

CVE-2025-64404 Apache OpenOffice: Remote documents loaded without prompt via background and bullet images

Apache OpenOffice documents can contain links to other files. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used backgrou...

6.4AI score0.01162EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/12 9:4 a.m.6 views

CVE-2025-64403 Apache OpenOffice: Remote documents loaded without prompt via "external data sources" in Calc

Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of "external data sources". A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause such links to be loaded without prompt. This issue affects Apache...

0.01312EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/12 9:4 a.m.1 views

CVE-2025-64403 Apache OpenOffice: Remote documents loaded without prompt via "external data sources" in Calc

Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of "external data sources". A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause such links to be loaded without prompt. This issue affects Apache...

6.4AI score0.01312EPSS
Exploits0References2
CVE
CVE
added 2025/11/12 9:4 a.m.19 views

CVE-2025-64403

CVE-2025-64403 affects Apache OpenOffice up to version 4.1.15 (Calc external data sources and other external links). Root cause is missing authorization checks that allow an attacker to craft a document to load links without prompting the user. A fix is available in OpenOffice 4.1.16. Other relat...

8.1CVSS6.4AI score0.01312EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/11/12 9:3 a.m.7 views

CVE-2025-64402 Apache OpenOffice: Remote documents loaded without prompt via OLE objects

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "OLE objects" linked to...

0.00464EPSS
Exploits0References2
CVE
CVE
added 2025/11/12 9:3 a.m.15 views

CVE-2025-64402

CVE-2025-64402 affects Apache OpenOffice up to 4.1.15. A missing Authorization vulnerability allows documents using OLE objects linked to external files to load those files without prompting the user. Impact: loading external content without user consent. A fix is available in OpenOffice 4.1.16; ...

6.5CVSS6.3AI score0.00464EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/12 9:3 a.m.3 views

CVE-2025-64402 Apache OpenOffice: Remote documents loaded without prompt via OLE objects

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "OLE objects" linked to...

6.3AI score0.00464EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/12 8:58 a.m.9 views

CVE-2025-64401 Apache OpenOffice: Remote documents loaded without prompt via IFrame

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "floating frames" linke...

0.00824EPSS
Exploits0References2
CVE
CVE
added 2025/11/12 8:58 a.m.18 views

CVE-2025-64401

Apache OpenOffice is affected by a vulnerability where documents with floating frames linked to external files can load external content without user permission. Root cause: missing Authorization to load external links. Affected versions: Apache OpenOffice up to 4.1.15. Impact: loading external f...

7.5CVSS5.5AI score0.00824EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/11/12 12:0 a.m.5 views

Apache OpenOffice 安全漏洞

Apache OpenOffice is an open source office software suite from the U.S. Apache Apache Foundation. The suite contains text documents , spreadsheets , presentations , drawings , databases and so on. An information disclosure vulnerability exists in Apache OpenOffice, which is caused due to a lack o...

5.3CVSS5.9AI score0.00398EPSS
Exploits0References4
Rows per page
Query Builder