Lucene search
K

209 matches found

Vulnrichment
Vulnrichment
added 2024/08/23 2:26 p.m.23 views

CVE-2024-37311 Collabora Online's remote host TLS certificates are not fully verified

Collabora Online is a collaborative online office suite based on LibreOffice. In affected versions of Collabora Online, https connections from coolwsd to other hosts may incompletely verify the remote host's certificate's against the full chain of trust. This vulnerability is fixed in Collabora...

8.2CVSS6.8AI score0.00229EPSS
Exploits0References1
OSV
OSV
added 2024/08/23 2:26 p.m.7 views

CVE-2024-37311 Collabora Online's remote host TLS certificates are not fully verified

Collabora Online is a collaborative online office suite based on LibreOffice. In affected versions of Collabora Online, https connections from coolwsd to other hosts may incompletely verify the remote host's certificate's against the full chain of trust. This vulnerability is fixed in Collabora...

8.2CVSS6.9AI score0.00229EPSS
Exploits0References3
CVE
CVE
added 2024/08/23 2:26 p.m.41 views

CVE-2024-37311

CVE-2024-37311 affects Collabora Online. In affected versions, https connections from coolwsd to other hosts may incompletely verify the remote host’s certificate against the full chain of trust. The issue is fixed in Collabora Online versions 24.04.4.3, 23.05.14.1, and 22.05.23.1. Related source...

8.2CVSS8.1AI score0.00229EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/23 12:0 a.m.8 views

Collabora Online 安全漏洞

Collabora Online is an application from Collabora UK. A powerful LibreOffice-based online office that supports all major document, spreadsheet and presentation file formats. A security vulnerability exists in Collabora Online versions prior to 24.04.4.3, prior to 23.05.14.1, and prior to...

8.2CVSS6.8AI score0.00229EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/23 12:0 a.m.5 views

PT-2024-27470 · Collabora · Collabora Online

Name of the Vulnerable Software and Affected Versions: Collabora Online versions prior to 22.05.23.1 Collabora Online versions prior to 23.05.14.1 Collabora Online versions prior to 24.04.4.3 Description: In affected versions of Collabora Online, a collaborative online office suite based on...

8.2CVSS7.3AI score0.00229EPSS
Exploits0References7
NVD
NVD
added 2024/04/04 3:15 p.m.16 views

CVE-2024-29182

Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vulnerability was found in Collabora Online. An attacker could create a document with an XSS payload in document text referenced by field which, if hovered over to produce a tooltip, could ...

6.1CVSS5.8AI score0.00338EPSS
Exploits0References1
OSV
OSV
added 2024/04/04 2:48 p.m.4 views

CVE-2024-29182 Collabora Online Stored Cross-Site-Scripting vulnerability via tooltip

Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vulnerability was found in Collabora Online. An attacker could create a document with an XSS payload in document text referenced by field which, if hovered over to produce a tooltip, could ...

6.1CVSS5.5AI score0.00338EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/04 2:48 p.m.10 views

CVE-2024-29182 Collabora Online Stored Cross-Site-Scripting vulnerability via tooltip

Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vulnerability was found in Collabora Online. An attacker could create a document with an XSS payload in document text referenced by field which, if hovered over to produce a tooltip, could ...

6.1CVSS5.3AI score0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/04 2:48 p.m.23 views

CVE-2024-29182 Collabora Online Stored Cross-Site-Scripting vulnerability via tooltip

Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vulnerability was found in Collabora Online. An attacker could create a document with an XSS payload in document text referenced by field which, if hovered over to produce a tooltip, could ...

6.1CVSS5.9AI score0.00338EPSS
Exploits0References1
CVE
CVE
added 2024/04/04 2:48 p.m.66 views

CVE-2024-29182

CVE-2024-29182 affects Collabora Online (LibreOffice-based online suite). The vulnerability is a stored cross-site scripting flaw where an attacker can embed an XSS payload in document text referenced by a field; when a user hovers the text to display a tooltip, the payload could execute in the u...

6.1CVSS5.8AI score0.00338EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/04/04 12:0 a.m.4 views

Collabora Online 跨站脚本漏洞

Collabora Online is a software application from Collabora UK. A powerful LibreOffice-based online office that supports all major document, spreadsheet and presentation file formats. A cross-site scripting vulnerability exists in Collabora Online version 23.05.10.1 and earlier, which stems from a...

6.1CVSS6AI score0.00338EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.5 views

PT-2024-22787

Name of the Vulnerable Software and Affected Versions Collabora Online versions prior to 23.05.10.1 Description A stored cross-site scripting issue was found in Collabora Online, a collaborative online office suite based on LibreOffice. An attacker could create a document with an XSS payload in...

6.1CVSS5.2AI score0.00338EPSS
Exploits0References8
NVD
NVD
added 2024/04/03 11:15 p.m.29 views

CVE-2024-30265

Collabora Online is a collaborative online office suite based on LibreOffice technology. Any deployment of voilà dashboard allow local file inclusion. Any file on a filesystem that is readable by the user that runs the voilà dashboard server can be downloaded by someone with network access to the...

7.5CVSS7.5AI score0.00725EPSS
Exploits0References6
OSV
OSV
added 2024/04/03 10:55 p.m.22 views

CVE-2024-30265 Voilà Local file inclusion

Collabora Online is a collaborative online office suite based on LibreOffice technology. Any deployment of voilà dashboard allow local file inclusion. Any file on a filesystem that is readable by the user that runs the voilà dashboard server can be downloaded by someone with network access to the...

7.5CVSS7.3AI score0.00725EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/04/03 10:55 p.m.16 views

CVE-2024-30265 Voilà Local file inclusion

Collabora Online is a collaborative online office suite based on LibreOffice technology. Any deployment of voilà dashboard allow local file inclusion. Any file on a filesystem that is readable by the user that runs the voilà dashboard server can be downloaded by someone with network access to the...

7.5CVSS7.7AI score0.00725EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/04/03 10:55 p.m.9 views

CVE-2024-30265 Voilà Local file inclusion

Collabora Online is a collaborative online office suite based on LibreOffice technology. Any deployment of voilà dashboard allow local file inclusion. Any file on a filesystem that is readable by the user that runs the voilà dashboard server can be downloaded by someone with network access to the...

7.5CVSS6.8AI score0.00725EPSS
Exploits0References6
CVE
CVE
added 2024/04/03 10:55 p.m.53 views

CVE-2024-30265

CVE-2024-30265 affects Voilà (Voila dashboards) with a Local File Inclusion in the static route. The root cause is that StaticFileHandler is initialized with root '/' due to incorrect static_path handling, allowing an attacker to download any file readable by the server user over the network, dep...

7.5CVSS7.5AI score0.00725EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/04/03 12:0 a.m.14 views

Collabora Online 安全漏洞

Collabora Online is an application from Collabora UK. A powerful LibreOffice-based online office that supports all major document, spreadsheet and presentation file formats. A security vulnerability exists in Collabora Online version 0.0.2 and later, which stems from the presence of a local file...

7.5CVSS7.3AI score0.00725EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2024/03/13 12:0 a.m.15 views

Collabora CODE / Collabora Online < 21.11.9.4, 22.x < 22.05.22, 23.x < 23.05.9 Information Disclosure Vulnerability

Collabora CODE Collabora Online Development Edition and Collabora Online is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

5.3CVSS4.5AI score0.00471EPSS
Exploits1References1
NVD
NVD
added 2024/03/11 10:15 p.m.23 views

CVE-2024-25114

Collabora Online is a collaborative online office suite based on LibreOffice technology. Each document in Collabora Online is opened by a separate "Kit" instance in a different "jail" with a unique directory "jailID" name. For security reasons, this directory name is randomly generated and should...

5.3CVSS3.7AI score0.00471EPSS
Exploits1References2
Rows per page
Query Builder