218 matches found
EUVD-2025-36886
Malicious code in esg-odf-common npm...
EUVD-2025-36081
Malicious code in legacyesgodfcommon npm...
MAL-2025-48735 Malicious code in legacy_esg_odf_common (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c56f634d22583d4f5aa8a52eeab8e3d5c0659c0cbfd1a5a9b0a4741b02ca251d Any computer that has this package installed or running should be considered...
EUVD-2020-18456
Malware in sbrugna...
EUVD-2021-12531
Malware in sbrugna...
EUVD-2019-10718
Malware in sbrugna...
EUVD-2021-12529
Malware in sbrugna...
EUVD-2021-12530
Malware in sbrugna...
EUVD-2021-20194
Malware in sbrugna...
EUVD-2021-12532
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2022-43255
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gfodfnewiod at odf/odfcode.c. CVE-2022-43255 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2019-20163
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gfodfavccfgwritebs in...
CVE-2020-25820
BigBlueButton before 2.2.7 allows remote authenticated users to read local files and conduct SSRF attacks via an uploaded Office document that has a crafted URL in an ODF xlink field...
The vulnerability of the gf_odf_vvc_cfg_write_bs function in the odf/descriptors.c file of the MP4Box packaging tool for the GPAC multimedia platform allows a attacker to cause a service failure.
The vulnerability of the gfodfvvccfgwritebs function in the odf/descriptors.c file of the MP4Box packaging tool for the GPAC multimedia platform is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
UBUNTU-CVE-2021-25635
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid or unknown to LibreOffice algorithm and LibreOffice would incorrectly present...
CVE-2021-25635 Content Manipulation with Certificate Validation Attack
An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid or unknown to LibreOffice algorithm and LibreOffice would incorrectly present...
Rocky Linux 8 : libreoffice (RLSA-2022:7461)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7461 advisory. - LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since...
Rocky Linux 8 : libreoffice (RLSA-2020:4628)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4628 advisory. - LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not th...
UBUNTU-CVE-2023-46930
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gfisomfindodidfortrack /afltest/gpac/src/isomedia/mediaodf.c:522:14...
SUSE CVE-2012-3455
Heap-based buffer overflow in the read function in filters/words/msword-odf/wv2/src/styles.cpp in the Microsoft import filter in KOffice 2.3.3 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted ODF style in an ODF...