Lucene search
K

159 matches found

RedHat Linux
RedHat Linux
added yesterday6 views

LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents

A flaw was found in LibreOffice. A remote attacker could exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted OOXML Office Open XML document with mismatched encryption salt parameters. This could lead to a denial of service DoS, making the application...

7.8CVSS6.9AI score0.00078EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2 days ago4 views

LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents

A flaw was found in LibreOffice. A remote attacker could exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted OOXML Office Open XML document with mismatched encryption salt parameters. This could lead to a denial of service DoS, making the application...

7.8CVSS6.1AI score0.00078EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.11 views

MiracleLinux 8 : libreoffice-6.4.7.2-20.el8_10.ML.1 (AXSA:2026-1176:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-1176:01 advisory. LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents CVE-2026-4430 Tenable has extracted the preceding description block directly from the...

7.8CVSS7.2AI score0.00078EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

AlmaLinux 8 : libreoffice (ALSA-2026:28922)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:28922 advisory. LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents CVE-2026-4430 Tenable has extracted the preceding description block directly from the...

7.8CVSS7.2AI score0.00078EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.11 views

RockyLinux 8 : libreoffice (RLSA-2026:28922)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:28922 advisory. LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents CVE-2026-4430 Tenable has extracted the preceding description block directly from the...

7.8CVSS7.2AI score0.00078EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/24 11:46 a.m.7 views

LibreOffice: LibreOffice: Denial of Service via crafted OOXML documents

A flaw was found in LibreOffice. A remote attacker could exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted OOXML Office Open XML document with mismatched encryption salt parameters. This could lead to a denial of service DoS, making the application...

7.8CVSS5.9AI score0.00078EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/24 2:53 a.m.8 views

Moderate: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

7.8CVSS5.9AI score0.00078EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.9 views

RHEL 8 : libreoffice (RHSA-2026:28922)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28922 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a...

7.8CVSS7.1AI score0.00078EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/03 4:2 p.m.11 views

CVE-2026-46722

The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index...

5.9CVSS5.8AI score0.00301EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2026/06/01 1:3 p.m.28 views

USN-8352-1: LibreOffice vulnerability

Duc Anh Nguyen discovered that LibreOffice incorrectly handled mismatched encryption salt parameters in crafted OOXML documents. An attacker could use this issue to cause LibreOffice to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS6.1AI score0.00078EPSS
Exploits0
Snyk
Snyk
added 2026/05/24 8:48 p.m.12 views

XML External Entity (XXE) Injection

Overview tpwd/kesearch is a search extension for TYPO3, including faceting search functions. Affected versions of this package are vulnerable to XML External Entity XXE Injection via the OOXML parsing of the file indexer, external entity resolution is not disabled. A crafted XLSX or PPTX document...

5.9CVSS5.8AI score0.00301EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/19 9:23 a.m.9 views

CVE-2026-46722

The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index...

5.9CVSS5.8AI score0.00301EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.10 views

Unity Linux 20.1060e / 20.1070e Security Update: clamav (UTSA-2026-017364)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017364 advisory. A vulnerability in the OOXML parsing module in Clam AntiVirus ClamAV Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an...

7.5CVSS5.8AI score0.03061EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.13 views

LibreOffice 25.8.x < 25.8.7 / 26.2.x < 26.2.3 Heap Buffer Overflow (CVE-2026-4430)

The version of LibreOffice installed on the remote host is prior to 25.8.7 or 26.2.3. It is, therefore, affected by a heap buffer overflow vulnerability: - An out-of-bounds write vulnerability exists in the AgileEngine component of LibreOffice. An attacker can exploit this by crafting a malicious...

7.8CVSS6.5AI score0.00078EPSS
Exploits0References2
Debian
Debian
added 2026/05/07 6:56 p.m.10 views

[SECURITY] [DSA 6251-1] libreoffice security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6251-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 07, 2026 https://www.debian.org/security/faq -...

7.8CVSS6AI score0.00078EPSS
Exploits0
NVD
NVD
added 2026/05/07 8:16 a.m.9 views

CVE-2026-4430

Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue affects LibreOffice: from 26.2 before 26.2.3, from 25.8 before 25.8.7...

7.8CVSS0.00078EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-4430

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encryption salt parameters. This issue...

7.8CVSS7.1AI score0.00078EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/04/28 11:53 a.m.5 views

Security update for dovecot22

This update for dovecot22 fixes the following issues: CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing bsc1260895. CVE-2025-59032: pigeonhole: ManageSieve panic occurs with sieve-connect as a client bsc1260902. CVE-2026-27855: OTP drive...

9.1CVSS5.3AI score0.0079EPSS
Exploits5References28
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.8 views

SUSE SLES16 Security Update : dovecot24 (SUSE-SU-2026:21208-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21208-1 advisory. - Update to v2.4.3 - CVE-2025-59028: Invalid base64 authentication can cause DoS for other logins bsc1260894. - CVE-2025-59031:...

8.2CVSS5.9AI score0.0079EPSS
Exploits6References31
OSV
OSV
added 2026/04/16 1:15 p.m.7 views

SUSE-SU-2026:21208-1 Security update for dovecot24

This update for dovecot24 fixes the following issues: - Update to v2.4.3 - CVE-2025-59028: Invalid base64 authentication can cause DoS for other logins bsc1260894. - CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing bsc1260895. -...

8.2CVSS5.8AI score0.0079EPSS
Exploits6References21
Rows per page
Query Builder