Libre Office Arbitrary Code Execution vulnerability (Aug 2025) - Linux

Libre Office is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

LibreOffice Arbitrary Code Execution vulnerability (Aug 2025) - Windows

LibreOffice is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

LibreOffice Improper Certificate Validation Vulnerability (Jul 2024) - Mac OS X

LibreOffice is prone to an improper certificate validation vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

LibreOffice Improper Certificate Validation Vulnerability (Jul 2024) - Linux

LibreOffice is prone to an improper certificate validation vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

LibreOffice Improper Certificate Validation Vulnerability (Jul 2024) - Windows

LibreOffice is prone to an improper certificate validation vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

FluentForm < 4.3.13 - CSV Injection

The plugin does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection PoC - As unauthenticated, submit a form using =5+5 as value in any field - As admin, export the data as CSV /wp-admin/admin.php?page=fluentformsid=1=entries - open the CSV with a...

Easy Digital Downloads < 3.1.0.2 - Unauthenticated CSV Injection

The plugin does not validate data when its output in a CSV file, which could lead to CSV injection. - Submit an order using =5+5 as "first name" and empty "last name" the plugin allows that. - Export the data as CSV from Reports Export. - Open the CSV with a spreadsheet application Excel, Libre...

Libre Office 7.2.x < 7.2.7, 7.3.x < 7.3.3 Multiple Vulnerabilities (Jul 2022) - Mac OS X

LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...

Libre Office 7.2.x < 7.2.7, 7.3.x < 7.3.2 Improper Certificate Validation Vulnerability (Jul 2022) - Mac OS X

Libre Office is prone to an improper certificate validation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Libre Office 7.2.x < 7.2.7, 7.3.x < 7.3.2 Improper Certificate Validation Vulnerability (Jul 2022) - Linux

Libre Office is prone to an improper certificate validation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

LibreOffice Multiple Vulnerabilities (Jun 2020) - Windows

LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...

Libre Office Multiple Vulnerabilities (Jun 2020) - Mac OS X

Libre Office is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

libreoffice: Integer overflows, leading to heap-buffer overflows in JPEG, PNG and BMP reader implementations

Integer overflow in the vclmi.dll module in OpenOffice.org OOo 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JP...