310 matches found
EUVD-2022-40034
Malicious code in bioql PyPI...
EUVD-2021-27616
Malicious code in bioql PyPI...
EUVD-2021-28832
Malicious code in bioql PyPI...
TencentOS Server 3: libreoffice (TSSA-2023:0006)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0006 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2022-37400
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the required initialization vector for encryption was always the same...
CVE-2021-30245
The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-https hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to...
CVE-2021-41832
It is possible for an attacker to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory...
CVE-2020-13958
A vulnerability in Apache OpenOffice scripting events allows an attacker to construct documents containing hyperlinks pointing to an executable on the target users file system. These hyperlinks can be triggered unconditionally. In fixed versions no internal protocol may be called from the documen...
PT-2025-18238 · Apache · Apache Openoffice
Name of the Vulnerable Software and Affected Versions: Apache OpenOffice affected versions not specified Description: The issue concerns insufficient input validation. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where thi...
PT-2025-14616 · Apache · Apache Openoffice
Name of the Vulnerable Software and Affected Versions: Apache OpenOffice affected versions not specified Description: The issue concerns unvalidated user input in Apache OpenOffice. No specific details about the number of potentially affected devices or real-world incidents are provided...
Linux Distros Unpatched Vulnerability : CVE-2022-38745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the curre...
Linux Distros Unpatched Vulnerability : CVE-2015-5214
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service memory corruption and...
Linux Distros Unpatched Vulnerability : CVE-2018-10583
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection...
Linux Distros Unpatched Vulnerability : CVE-2015-4551
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates...
Linux Distros Unpatched Vulnerability : CVE-2015-1774
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service crash ...
Linux Distros Unpatched Vulnerability : CVE-2014-3575
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org OOo might allow remote attackers to embed arbitrary data into documents via...
Linux Distros Unpatched Vulnerability : CVE-2017-12608
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documen...
CVE-2023-47804
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In the affected...
CVE-2022-47502
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In the affected...
LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'base64' require 'rex/zip' class MetasploitModule 'LibreOffice 6.03 /Apache OpenOffice 4.1.5 Malicious ODT File Generator', 'Description' = 'Generates a Maliciou...