Lucene search
K

27 matches found

RedHat Linux
RedHat Linux
added 2023/11/07 8:29 a.m.55 views

libreoffice: Remote documents loaded without prompt via IFrame

A vulnerability was found in LibreOffice. Improper access control in the editor components of The Document Foundation in LibreOffice allows an attacker to craft a document that causes external links to load without a prompt. In the affected versions of LibreOffice documents that used "floating...

5.3CVSS5.8AI score0.02244EPSS
Exploits2References5
OSV
OSV
added 2023/11/07 12:0 a.m.30 views

ALSA-2023:6508 Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

7.8CVSS6.9AI score0.64635EPSS
Exploits2References10
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.43 views

Moderate: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

7.8CVSS7.2AI score0.64635EPSS
Exploits2References10
Cvelist
Cvelist
added 2023/05/25 12:0 a.m.29 views

CVE-2023-2255 Remote documents loaded without prompt via IFrame

Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floating frames" linked to external files, would lo...

6.5AI score0.02244EPSS
Exploits2References4
Schneier on Security
Schneier on Security
added 2019/07/26 11:5 a.m.168 views

Insider Logic Bombs

Add to the "not very smart criminals" file: According to court documents, Tinley provided software services for Siemens' Monroeville, PA offices for nearly ten years. Among the work he was asked to perform was the creation of spreadsheets that the company was using to manage equipment orders. The...

0.9AI score
Exploits0
Opera Security Advisories
Opera Security Advisories
added 2012/11/02 12:0 a.m.11 views

Cross domain access to object constructors can be used to facilitate cross-site scripting – Opera Security Advisories

JavaScripts are able to redefine and override the methods of native objects. They may also do this with the native objects of any document that shares the same origin. By redefining the methods of another document through the constructor property of the document’s host objects, a malicious script...

5.7AI score
Exploits0References1
securityvulns
securityvulns
added 2010/04/06 12:0 a.m.40 views

Mozilla Foundation Security Advisory 2010-14

Mozilla Foundation Security Advisory 2010-14 Title: Browser chrome defacement via cached XUL stylesheets Impact: Low Announced: March 23, 2010 Reporter: Wladimir Palant Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.2 Firefox 3.5.8 Firefox 3.0.18 Thunderbird 3.0.2 SeaMonkey 2.0.3...

5CVSS0.3AI score0.01689EPSS
Exploits1
Rows per page
Query Builder