Lucene search
K

118 matches found

RedHat Linux
RedHat Linux
added 2024/03/26 12:23 p.m.49 views

Important: Red Hat Security Advisory: libreoffice security fix update

An update for libreoffice is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.8CVSS7.5AI score0.01017EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/03/26 12:23 p.m.3 views

libreoffice: Insufficient macro permission validation leading to macro execution

An insufficient permission validation vulnerability was found in LibreOffice. In versions that support running commands in hyperlinks, an attacker can execute built-in macros without warning the user...

8.8CVSS5.9AI score0.00772EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/03/26 11:52 a.m.9 views

libreoffice: Insufficient macro permission validation leading to macro execution

An insufficient permission validation vulnerability was found in LibreOffice. In versions that support running commands in hyperlinks, an attacker can execute built-in macros without warning the user...

8.8CVSS5.9AI score0.00772EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/03/26 11:52 a.m.23 views

Important: Red Hat Security Advisory: libreoffice security fix update

An update for libreoffice is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a...

8.8CVSS7.5AI score0.01017EPSS
Exploits0References3
OSV
OSV
added 2024/03/26 12:0 a.m.20 views

ALSA-2024:1514 Important: libreoffice security fix update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.8CVSS8.8AI score0.01017EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2024/03/26 12:0 a.m.33 views

Important: libreoffice security fix update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.8CVSS7.5AI score0.01017EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/03/21 4:29 p.m.16 views

libreoffice: Insufficient macro permission validation leading to macro execution

An insufficient permission validation vulnerability was found in LibreOffice. In versions that support running commands in hyperlinks, an attacker can execute built-in macros without warning the user...

8.8CVSS5.9AI score0.00772EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/03/19 5:46 p.m.9 views

libreoffice: Insufficient macro permission validation leading to macro execution

An insufficient permission validation vulnerability was found in LibreOffice. In versions that support running commands in hyperlinks, an attacker can execute built-in macros without warning the user...

8.8CVSS5.9AI score0.00772EPSS
Exploits0References5
Veracode
Veracode
added 2023/12/26 7:13 a.m.20 views

CSV Injection

Active Admin is vulnerable to CSV Injection. This vulnerability is due to missing sanitization while exporting a CSV file. An attacker can inject malicious data to a CSV file such as =, +, -', @, \t, \r which results in arbitrary macro execution if the csv file is opened in software such as excel...

9.8CVSS6.9AI score0.0095EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2023/12/15 6:33 a.m.28 views

Improper Preservation Of Permissions

libreoffice is vulnerable to Improper Preservation of Permissions. The vulnerability is due to there is no macro permission validation for The Document Foundation in LibreOffice. This allows an attacker to execute built-in macros without warning the user...

8.8CVSS6.7AI score0.00772EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2023/12/11 12:15 p.m.23 views

Design/Logic Flaw

Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning th...

6.5CVSS7.2AI score0.00772EPSS
Exploits0References4Affected Software3
Prion
Prion
added 2023/03/24 4:15 p.m.33 views

Privilege escalation

Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In the affected...

4.4CVSS8AI score0.00958EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/02 6:44 p.m.8 views

CVE-2023-26056 XWiki Platform allows macro execution as any user without programming rights through the context macro

XWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to execute a script with the right of another user, provided the target user does not have programming right. The problem has been patched in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. There are no known...

5.4CVSS7.2AI score0.00555EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/03/02 6:44 p.m.32 views

CVE-2023-26056 XWiki Platform allows macro execution as any user without programming rights through the context macro

XWiki Platform is a generic wiki platform. Starting in version 3.0-milestone-1, it's possible to execute a script with the right of another user, provided the target user does not have programming right. The problem has been patched in XWiki 14.8-rc-1, 14.4.5, and 13.10.10. There are no known...

5.4CVSS5.8AI score0.00555EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:23 a.m.5 views

SUSE CVE-2018-16858

It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script i...

8.8CVSS7.4AI score0.67321EPSS
Exploits10References8
RedHat Linux
RedHat Linux
added 2023/01/23 3:29 p.m.3 views

libreoffice: Macro URL arbitrary script execution

A vulnerability was found in LibreOffice that affects the Office URI Schemes. These schemes enable browser integration of LibreOffice with the MS SharePoint server. In LibreOffice, the links using the scheme 'vnd.libreoffice.command' could be constructed to call internal macros with arbitrary...

6.3CVSS6.7AI score0.04354EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/01/12 9:18 a.m.5 views

libreoffice: Macro URL arbitrary script execution

A vulnerability was found in LibreOffice that affects the Office URI Schemes. These schemes enable browser integration of LibreOffice with the MS SharePoint server. In LibreOffice, the links using the scheme 'vnd.libreoffice.command' could be constructed to call internal macros with arbitrary...

6.3CVSS6.7AI score0.04354EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/12/15 12:0 a.m.4 views

PT-2022-6496 · Apache · Apache Openoffice +1

Name of the Vulnerable Software and Affected Versions: Apache OpenOffice affected versions not specified Description: The issue is related to the execution of links in Apache OpenOffice documents that can call internal macros with arbitrary arguments. Several URI Schemes are defined for this...

7.8CVSS7.6AI score0.00958EPSS
Exploits0References15
OSV
OSV
added 2022/10/20 12:52 p.m.3 views

USN-5694-1 libreoffice vulnerabilities

It was discovered that LibreOffice incorrectly handled links using the Office URI Schemes. If a user were tricked into opening a specially crafted document, a remote attacker could use this issue to execute arbitrary scripts. CVE-2022-3140 Thomas Florian discovered that LibreOffice incorrectly...

8.8CVSS7AI score0.04354EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/10/19 12:0 a.m.29 views

SUSE SLED15 / SLES15 Security Update : libreoffice (SUSE-SU-2022:3650-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3650-1 advisory. - An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was...

8.8CVSS7.8AI score0.04354EPSS
Exploits0References10
Rows per page
Query Builder