Lucene search
+L

17 matches found

nessus
nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 4: libreoffice (TSSA-2025:0236)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0236 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.8CVSS6.9AI score0.00538EPSS
Exploits0References4
openvas
openvas
added 2025/02/05 12:0 a.m.4 views

Mageia: Security Advisory (MGASA-2025-0035)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS4.6AI score0.00538EPSS
Exploits0References7
mageia
mageia
added 2025/02/04 6:56 p.m.26 views

Updated libreoffice packages fix security vulnerabilities

Path traversal leading to arbitrary .ttf file write. CVE-2024-12425 URL fetching can be used to exfiltrate arbitrary INI file values and environment variables. CVE-2024-12426...

6.7CVSS7AI score0.00538EPSS
Exploits0References5
openvas
openvas
added 2025/01/28 12:0 a.m.10 views

Ubuntu: Security Advisory (USN-7228-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS4.6AI score0.00538EPSS
Exploits0References2
openvas
openvas
added 2025/01/20 12:0 a.m.7 views

Debian: Security Advisory (DSA-5846-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS4.6AI score0.00538EPSS
Exploits0References2
debian
debian
added 2025/01/19 9:27 p.m.12 views

[SECURITY] [DSA 5846-1] libreoffice security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5846-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 19, 2025 https://www.debian.org/security/faq -...

6.7CVSS7AI score0.00538EPSS
Exploits0
openvas
openvas
added 2025/01/08 12:0 a.m.11 views

LibreOffice Multiple Vulnerabilities (Jan 2025) - Mac OS X

LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...

6.7CVSS5AI score0.00538EPSS
Exploits0References2
openvas
openvas
added 2025/01/08 12:0 a.m.12 views

LibreOffice Multiple Vulnerabilities (Jan 2025) - Windows

LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...

6.7CVSS5AI score0.00538EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/01/07 1:49 p.m.10 views

CVE-2024-12426

A flaw was found in LibreOffice. This issue may allow the exposure of environmental variables and arbitrary INI file values, leading to sensitive information disclosure via crafted URLs embedded in documents...

5CVSS6.3AI score0.00538EPSS
Exploits0References4
circl
circl
added 2025/01/07 1:15 p.m.9 views

CVE-2024-12426

creationtimestamp| type| source ---|---|--- 2025-01-07 13:15:57+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5q7ubh4m2a 2025-01-07 13:53:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lf5sd5duoz2k 2025-01-07 14:42:42+00:00| seen|...

6.7CVSS5.5AI score0.00538EPSS
Exploits0References12
nvd
nvd
added 2025/01/07 1:15 p.m.11 views

CVE-2024-12426

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...

6.7CVSS0.00538EPSS
Exploits0References2
osv
osv
added 2025/01/07 1:15 p.m.13 views

CVE-2024-12426

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...

6.5CVSS6.5AI score0.00538EPSS
Exploits0References2
cve
cve
added 2025/01/07 12:22 p.m.264 views

CVE-2024-12426

CVE-2024-12426 concerns LibreOffice up to version 24.8.3 (impacted) with an exposure vulnerability where URLs could cause environmental variables and arbitrary INI file values to be exfiltrated to a remote server when opening certain documents. Affected component/issue: exporting sensitive enviro...

6.7CVSS6.3AI score0.00538EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2025/01/07 12:22 p.m.7 views

CVE-2024-12426 URL fetching can be used to exfiltrate arbitrary INI file values and environment variables

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...

6.7CVSS6.7AI score0.00538EPSS
Exploits0References1
cvelist
cvelist
added 2025/01/07 12:22 p.m.25 views

CVE-2024-12426 URL fetching can be used to exfiltrate arbitrary INI file values and environment variables

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...

6.7CVSS0.00538EPSS
Exploits0References1
kaspersky
kaspersky
added 2025/01/07 12:0 a.m.7 views

KLA78812 OSI vulnerabilities in LibreOffice

Information disclosure vulnerabilities were found in LibreOffice. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges. Original advisories CVE-2024-12425: Path traversal leading to arbitrary .ttf file write CVE-2024-12426: URL fetching can be used to...

6.7CVSS5.1AI score0.00538EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2025/01/07 12:0 a.m.8 views

CVE-2024-12426

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially sensitive information could be exfiltrated to a remo...

6.7CVSS6.3AI score0.00538EPSS
Exploits0References3
Rows per page
Query Builder