Lucene search
K

5 matches found

Rockylinux
Rockylinux
added 2026/06/25 6:0 a.m.5 views

libreoffice security update

An update is available for libreoffice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...

7.8CVSS7.1AI score0.00078EPSS
Exploits0
NVD
NVD
added 2026/05/19 10:16 a.m.24 views

CVE-2026-46722

The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index...

5.9CVSS0.00301EPSS
Exploits0References1
CVE
CVE
added 2026/05/07 7:16 a.m.75 views

CVE-2026-4430

CVE-2026-4430 is an out-of-bounds write in LibreOffice triggered by opening OOXML documents with malformed encryption parameters. Affected releases: LibreOffice 26.2 before 26.2.3 and 25.8 before 25.8.7. Debian security advisory DSA-6251-1 confirms a buffer overflow could cause an out-of-bounds w...

7.8CVSS5.8AI score0.00078EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/07 12:57 a.m.4 views

GHSA-RM4C-XJ6X-49MW Gotenberg has a Server-Side Request Forgery (SSRF) Issue

Summary The SSRF hardening shipped in v8.31.0 only covers outbound URLs that Gotenberg's Go code handles — Chromium asset fetches, webhook delivery, and download-from. The LibreOffice conversion endpoint /forms/libreoffice/convert passes uploaded documents directly to LibreOffice without inspecti...

8.2CVSS5.9AI score0.00245EPSS
Exploits1References3
FireEye
FireEye
added 2020/11/19 12:0 a.m.385 views

Purgalicious VBA: Macro Obfuscation With VBA Purging

Malicious Office documents remain a favorite technique for every type of threat actor, from red teamers to FIN groups to APTs. In this blog post, we will discuss "VBA Purging", a technique we have increasingly observed in the wild and that was first publicly documented by Didier Stevens in Februa...

7.1AI score
Exploits0References16
Rows per page
Query Builder