Lucene search
+L

121 matches found

Cvelist
Cvelist
added 2024/09/17 2:28 p.m.30 views

CVE-2024-7788 Signatures in "repair mode" should not be trusted

Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...

7.8CVSS0.00196EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.22 views

RHEL 7 : libreoffice (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libreoffice: heap-based buffer overflow related to the ReadJPEG function CVE-2017-8358 - LibreOffice befo...

5CVSS8.6AI score0.64635EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.32 views

RHEL 9 : libreoffice (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libreoffice: Array index underflow in Calc formula parsing CVE-2023-0950 - Apache OpenOffice versions...

7.8CVSS8.8AI score0.02244EPSS
Exploits2References3
NVD
NVD
added 2024/04/30 6:15 p.m.24 views

CVE-2023-36268

Rejected reason: DoS issues, or unexploitable crashes, are out of scope for vulnerabilities...

6.4AI score
Exploits0
OSV
OSV
added 2024/04/30 6:15 p.m.16 views

CVE-2023-36268

Rejected reason: DoS issues, or unexploitable crashes, are out of scope for vulnerabilities...

6.5AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/04/30 6:15 p.m.27 views

CVE-2023-36268

Rejected reason: DoS issues, or unexploitable crashes, are out of scope for vulnerabilities...

5.8AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/30 12:0 a.m.15 views

CVE-2023-36268

...

5.6AI score
Exploits0
Cvelist
Cvelist
added 2024/04/30 12:0 a.m.17 views

CVE-2023-36268

...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/03/29 12:0 a.m.23 views

Oracle Linux 8 : libreoffice (ELSA-2024-1514)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1514 advisory. - Fix CVE-2023-6185 escape url passed to gstreamer Tenable has extracted the preceding description block directly from the Oracle Linux security...

8.8CVSS7.9AI score0.01017EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/03/27 12:0 a.m.24 views

Rocky Linux 8 : libreoffice (RLSA-2024:1514)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1514 advisory. - Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary...

8.8CVSS8.2AI score0.01017EPSS
Exploits0References5
Veracode
Veracode
added 2023/12/15 6:33 a.m.29 views

Improper Preservation Of Permissions

libreoffice is vulnerable to Improper Preservation of Permissions. The vulnerability is due to there is no macro permission validation for The Document Foundation in LibreOffice. This allows an attacker to execute built-in macros without warning the user...

8.8CVSS6.7AI score0.00772EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2023/12/13 12:0 a.m.1 views

LibreOffice Input Validation Error Vulnerability (CNVD-2023-9963392)

LibreOffice is an open source office software suite from The Document Foundation tdf. The product includes applications such as Writer text documents, Calc spreadsheets and Impress presentations. An input validation error vulnerability exists in LibreOffice that stems from the presence of incorre...

8.8CVSS8.6AI score0.01017EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2023/12/11 12:15 p.m.22 views

CVE-2023-6186

Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning th...

6.5CVSS7.6AI score0.00772EPSS
Exploits0
OSV
OSV
added 2023/12/11 12:15 p.m.8 views

CVE-2023-6185

Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling an attacker to r...

8.8CVSS8.8AI score0.01017EPSS
Exploits0References4
OSV
OSV
added 2023/12/11 12:15 p.m.25 views

CVE-2023-6186

Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning th...

8.8CVSS8.8AI score0.00772EPSS
Exploits0References4
CVE
CVE
added 2023/12/11 11:56 a.m.313 views

CVE-2023-6186

CVE-2023-6186 affects LibreOffice. The vulnerability arises from insufficient macro permission validation, enabling certain built-in macros or internal commands to be executed when a user activates hyperlinks that target macros, without explicit user permission. Connected documents corroborate th...

8.8CVSS8.8AI score0.00772EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/12/11 11:56 a.m.27 views

CVE-2023-6186 Link targets allow arbitrary script execution

Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning th...

8.3CVSS9AI score0.00772EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/12/11 11:56 a.m.28 views

CVE-2023-6186

Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning th...

8.8CVSS8.9AI score0.00772EPSS
Exploits0
Cvelist
Cvelist
added 2023/12/11 11:52 a.m.31 views

CVE-2023-6185 Improper input validation enabling arbitrary Gstreamer pipeline injection

Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling an attacker to r...

8.3CVSS9AI score0.01017EPSS
Exploits0References4
CVE
CVE
added 2023/12/11 11:52 a.m.140 views

CVE-2023-6185

CVE-2023-6185 is an Improper Input Validation vulnerability in the GStreamer integration of LibreOffice that may allow an attacker to execute arbitrary GStreamer plugins by not escaping the embedded video filename passed to GStreamer. The issue affects LibreOffice and is discussed in multiple adv...

8.8CVSS8.9AI score0.01017EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder