220 matches found
Ubuntu 22.04 LTS / 24.04 LTS / 26.04 LTS : LibreOffice vulnerabilities (USN-8534-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8534-1 advisory. It was discovered that LibreOffice incorrectly handled importing DXF drawings. An attacker could use this issue to cause...
EUVD-2026-36735
A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed...
CVE-2026-6040
CVE-2026-6040 is a heap use‑after‑free vulnerability in LibreOffice related to parsing the blank‑width characters of an ODF number format. According to multiple connected disclosures, a memory access could occur when a position value read from the document is not checked against the length of the...
Linux Distros Unpatched Vulnerability : CVE-2026-6040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against...
CVE-2025-55657
A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55657
A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
DEBIAN-CVE-2025-55657
A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
UBUNTU-CVE-2025-55657
A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
PT-2026-48160
🚨 CVE-2025-55657 A NULL pointer dereference in the gf odf vvc cfg write bs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file. 🎖@cveNotify...
CVE-2025-55657
A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55657
A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55657
A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55657
GPAC MP4Box v2.4 is affected by a NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c), leading to Denial of Service when processing a crafted MP4 file. The issue’s root cause is in the handling of ODF VVC descriptor writes; exploitation details are not provided in...
GPAC MP4Box 代码问题漏洞
GPAC MP4Box is a open-source multimedia packager from GPAC. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Version 2.4 of GPAC MP4Box has a code vulnerability cause...
CVE-2025-60481
A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...
CVE-2025-60481
A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...
Astra Linux – Vulnerability in LibreOffice
LibreOffice supports digital signatures for ODF documents and macros within documents. It provides visual aids to indicate that the document has not been altered since the last signature, and that the signature is valid. A vulnerability in certificate validation in LibreOffice allowed attackers t...
Linux Distros Unpatched Vulnerability : CVE-2026-23500
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr is an enterprise resource planning ERP and customer relationship management CRM software package. In versions prior to 23.0.0 , the ODT to PDF conversi...
CVE-2026-23500 Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration
Dolibarr is an enterprise resource planning ERP and customer relationship management CRM software package. In versions prior to 23.0.0 , the ODT to PDF conversion process in odf.php concatenates the MAINODTASPDF configuration constant directly into a shell command passed to exec without...
EUVD-2025-36886
Malicious code in esg-odf-common npm...