17 matches found
TencentOS Server 4: libreoffice (TSSA-2025:0236)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0236 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Mageia: Security Advisory (MGASA-2025-0035)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libreoffice packages fix security vulnerabilities
Path traversal leading to arbitrary .ttf file write. CVE-2024-12425 URL fetching can be used to exfiltrate arbitrary INI file values and environment variables. CVE-2024-12426...
Ubuntu: Security Advisory (USN-7228-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-5846-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5846-1] libreoffice security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5846-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 19, 2025 https://www.debian.org/security/faq -...
LibreOffice Multiple Vulnerabilities (Jan 2025) - Mac OS X
LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...
LibreOffice Multiple Vulnerabilities (Jan 2025) - Windows
LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...
CVE-2024-12426
A flaw was found in LibreOffice. This issue may allow the exposure of environmental variables and arbitrary INI file values, leading to sensitive information disclosure via crafted URLs embedded in documents...
CVE-2024-12426
creationtimestamp| type| source ---|---|--- 2025-01-07 13:15:57+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5q7ubh4m2a 2025-01-07 13:53:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lf5sd5duoz2k 2025-01-07 14:42:42+00:00| seen|...
CVE-2024-12426
Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...
CVE-2024-12426
Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...
CVE-2024-12426
CVE-2024-12426 concerns LibreOffice up to version 24.8.3 (impacted) with an exposure vulnerability where URLs could cause environmental variables and arbitrary INI file values to be exfiltrated to a remote server when opening certain documents. Affected component/issue: exporting sensitive enviro...
CVE-2024-12426 URL fetching can be used to exfiltrate arbitrary INI file values and environment variables
Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...
CVE-2024-12426 URL fetching can be used to exfiltrate arbitrary INI file values and environment variables
Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...
KLA78812 OSI vulnerabilities in LibreOffice
Information disclosure vulnerabilities were found in LibreOffice. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges. Original advisories CVE-2024-12425: Path traversal leading to arbitrary .ttf file write CVE-2024-12426: URL fetching can be used to...
CVE-2024-12426
Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...