CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

Tenable Nessus•added 2025/11/14 12:0 a.m.•5 views

Apache OpenOffice < 4.1.16 Multiple Vulnerabilities

The version of Apache OpenOffice installed on the remote host is prior to 4.1.16. It is, therefore, affected by multiple vulnerabilities, including: - Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of 'external data sources'. A missing Authorization vulnerability...

8.1CVSS6.6AI score0.02244EPSS

Exploits2References15

RedhatCVE•added 2025/11/13 9:8 a.m.•4 views

CVE-2025-64401

Apache OpenOffice documents can contain links. A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of Apache OpenOffice, documents that used "floating frames" linke...

7.5CVSS5.5AI score0.02244EPSS

Exploits2References1

EUVD•added 2025/11/12 9:30 a.m.•4 views

EUVD-2025-119983

7.5CVSS6.3AI score0.02244EPSS

Exploits2References3

OSV•added 2025/11/12 9:15 a.m.•4 views

CVE-2025-64401

7.5CVSS5.7AI score0.00824EPSS

Exploits0References2

NVD•added 2025/11/12 9:15 a.m.•6 views

CVE-2025-64401

7.5CVSS0.00824EPSS

Exploits0References2

Vulnrichment•added 2025/11/12 8:58 a.m.•3 views

CVE-2025-64401 Apache OpenOffice: Remote documents loaded without prompt via IFrame

5.5AI score0.00824EPSS

Exploits0References2

Cvelist•added 2025/11/12 8:58 a.m.•5 views

CVE-2025-64401 Apache OpenOffice: Remote documents loaded without prompt via IFrame

0.00824EPSS

Exploits0References2

CVE•added 2025/11/12 8:58 a.m.•17 views

CVE-2025-64401

Apache OpenOffice is affected by a vulnerability where documents with floating frames linked to external files can load external content without user permission. Root cause: missing Authorization to load external links. Affected versions: Apache OpenOffice up to 4.1.15. Impact: loading external f...

7.5CVSS5.5AI score0.00824EPSS

Exploits0References2Affected Software1

Tenable Nessus•added 2023/12/14 12:0 a.m.•33 views

LibreOffice 7.5 < 7.5.9 / 7.6 < 7.6.4 Arbitrary Script Execution (macOS)

LibreOffice supports hyperlinks. In addition to the typical common protocols such as http/https hyperlinks can also have target URLs that can launch built-in macros or dispatch built-in internal commands. In affected version of LibreOffice there are scenarios where these can be executed without...

8.8CVSS7.7AI score0.00772EPSS

Exploits0References2

RedHat Linux•added 2023/11/14 3:53 p.m.•41 views

libreoffice: Remote documents loaded without prompt via IFrame

A vulnerability was found in LibreOffice. Improper access control in the editor components of The Document Foundation in LibreOffice allows an attacker to craft a document that causes external links to load without a prompt. In the affected versions of LibreOffice documents that used "floating...

5.3CVSS5.8AI score0.02244EPSS

Exploits2References5

RedHat Linux•added 2023/11/07 8:29 a.m.•50 views

libreoffice: Remote documents loaded without prompt via IFrame

5.3CVSS5.8AI score0.02244EPSS

Exploits2References5

Redos•added 2023/08/30 12:0 a.m.•19 views

ROS-20230830-01

The vulnerability of the Floating Frames component of the LibreOffice office software package is related to flaws in access control. in access control. Exploiting the vulnerability could allow an attacker to perform a spoofing attack using a specially crafted file A vulnerability in the Spreadshe...

7.8CVSS7AI score0.02244EPSS

Exploits2

Veracode•added 2023/08/07 1:27 a.m.•23 views

Authorization Bypass

libreoffice is vulnerable to Authorization Bypasses. Improper access control in editor components allows an attacker to craft a document that would cause external links to be loaded without prompt. The documents that uses floating frames linked to external files, would load the contents of those...

5.3CVSS6.6AI score0.02244EPSS

Exploits2References5Affected Software1

BDU FSTEC•added 2023/05/31 12:0 a.m.•3 views

The vulnerability of the Floating Frames component in the LibreOffice office software package allows a hacker to perform a spoofing attack.

The vulnerability of the Floating Frames component in the LibreOffice office software package is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to carry out a spear-phishing attack using a specially created file...

4.8CVSS6.4AI score0.02244EPSS

Exploits2References12Affected Software5

RedhatCVE•added 2023/05/26 8:40 p.m.•77 views

CVE-2023-2255

5.3CVSS6.7AI score0.02244EPSS

Exploits2References4

NCSC•added 2023/05/26 12:0 a.m.•3 views

Vulnerabilities fixed in LibreOffice

The Document Foundation has fixed two vulnerabilities in LibreOffice. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or possibly execute code with the victim's privileges. This requires the malicious party to trick the victim into opening a malicious document to...

7.8CVSS7.3AI score0.02244EPSS

Exploits2

ATTACKERKB•added 2023/05/25 8:15 p.m.•6 views

CVE-2023-2255

Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floating frames" linked to external files, would lo...

5.3CVSS6.4AI score0.02244EPSS

Exploits2References5Affected Software1