21 matches found
MiracleLinux 8 : libreoffice-6.4.7.2-12.el8.ML.1 (AXSA:2023-4806:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4806:01 advisory. libreoffice: Macro URL arbitrary script execution CVE-2022-3140 libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation...
EUVD-2022-40034
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-26307
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibreOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master...
RHEL 8 : libreoffice (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libreoffice: Weak Master Keys CVE-2022-26307 - An Improper Certificate Validation vulnerability in...
CentOS 8 : libreoffice (CESA-2023:0089)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:0089 advisory. - libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation CVE-2022-26305 - libreoffice: Static Initialization Vector Allows t...
FreeBSD : Apache OpenOffice -- master password vulnerabilities (6678211c-bd47-11ed-beb0-1c1b0d9ea7e6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 6678211c-bd47-11ed-beb0-1c1b0d9ea7e6 advisory. - Apache OpenOffice supports the storage of passwords for web connections in the user's...
Moderate: Red Hat Security Advisory: libreoffice security update
An update for libreoffice is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
ALSA-2023:0304 Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
libreoffice security update
6.4.7.2-12.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:6.4.7.2-12 - Resolves: rhbz2134752 CVE-2022-26305 Untrusted Macros - Resolves: rhbz2134751 CVE-2022-26307 Weak Master Keys -...
ALSA-2023:0089 Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
SUSE: Security Advisory (SUSE-SU-2022:3650-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5661-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-37401
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where master key was poorly encoded resulting in weakening its entropy from...
Design/Logic Flaw
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where master key was poorly encoded resulting in weakening its entropy from...
LibreOffice < 7.2.7 / 7.3 < 7.3.3 Multiple Vulnerabilities (macOS)
According to its self-reported version, the LibreOffice application running on the remote host is prior to 7.2.7 or 7.3.3. It is, therefore, affected by multiple vulnerabilities: - LibreOffice supports the storage of passwords for web connections in the user's configuration database. The stored...
LibreOffice 7.2.x < 7.2.7, 7.3.x < 7.3.3 Multiple Vulnerabilities (Jul 2022) - Windows
LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...
CVE-2022-26307
creationtimestamp| type| source ---|---|--- 2022-07-25 18:33:26+00:00| seen| https://t.me/cibsecurity/46923 2022-07-28 14:01:03+00:00| seen| https://t.me/truesecator/3228 2022-07-28 15:36:58+00:00| seen| https://t.me/itsecnews/1086 2022-08-15 14:38:06+00:00| seen| https://t.me/cibsecurity/48147...
KLA12593 Multiple vulnerabilities in LibreOffice
Multiple vulnerabilities were found in LibreOffice. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security vulnerability can be exploited to bypass security restrictions. 2. Remote code...
CVE-2022-26307
CVE-2022-26307 affects LibreOffice: the weakness arises from how the master key/IV is encoded for web-connection passwords, reducing entropy from 128 to 43 bits. Affected: The Document Foundation LibreOffice 7.2 before 7.2.7 and 7.3 before 7.3.3. Impact: stored web passwords in the user configura...
CVE-2022-26307
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where master key was poorly encoded resulting in weakening its entropy from 128 t...