28 matches found
EUVD-2024-48649
Malicious code in bioql PyPI...
EUVD-2024-35262
Malicious code in bioql PyPI...
CVE-2022-41975
RealVNC VNC Server before 6.11.0 and VNC Viewer before 6.22.826 on Windows allow local privilege escalation via MSI installer Repair mode...
SUSE CVE-2024-7788
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...
Astra Linux – Vulnerability in LibreOffice
Improper digital signature invalidation vulnerability in the Zip Repair Mode of The Document Foundation’s LibreOffice library allows for signature forgery vulnerabilities in LibreOffice. This issue affects LibreOffice versions starting from 24.2 before 24.2.5...
Important: libreoffice
Issue Overview: Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5. CVE-2024-7788 Affected Packages: libreoffice Note: This...
Amazon Linux 2 : libreoffice (ALASLIBREOFFICE-2024-005)
The version of libreoffice installed on the remote host is prior to 5.3.6.1-21. It is, therefore, affected by a vulnerability as referenced in the ALAS2LIBREOFFICE-2024-005 advisory. Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice...
[SECURITY] [DLA 3915-1] libreoffice security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3915-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès October 12, 2024 https://wiki.debian.org/LTS -...
Debian dla-3915 : fonts-opensymbol - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3915 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3915-1 [email protected] https://www.debian.org/lts/security/...
CVE-2024-35288
Nitro PDF Pro before 13.70.8.82 and 14.x before 14.26.1.0 allows Local Privilege Escalation in the MSI Installer because custom actions occur unsafely in repair mode. CertUtil is run in a conhost.exe window, and there is a mechanism allowing CTRL+o to launch cmd.exe as NT AUTHORITY\SYSTEM...
CVE-2024-7788
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...
DEBIAN-CVE-2024-7788
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...
UBUNTU-CVE-2024-7788
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...
CVE-2024-7788 Signatures in "repair mode" should not be trusted
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...
CVE-2024-7788 Signatures in "repair mode" should not be trusted
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...
CVE-2024-7788
CVE-2024-7788 – Summary : The Document Foundation LibreOffice exposes an improper digital signature invalidation in Zip Repair Mode, enabling signature forgery during document repair. Public details show affected versions as LibreOffice 24.2.x before 24.2.5 (also reflected in multiple advisories ...
CVE-2024-7788
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...
PT-2024-6309 · Document Foundation +5 · Libreoffice +5
Name of the Vulnerable Software and Affected Versions: LibreOffice versions prior to 24.2.5 Description: The issue affects the Zip Repair Mode of LibreOffice, where an improper digital signature invalidation vulnerability allows for signature forgery. This means an attacker could create a special...
CVE-2024-25376
An issue discovered in Thesycon Software Solutions Gmbh & Co. KG TUSBAudio MSI-based installers before 5.68.0 allows a local attacker to execute arbitrary code via the msiexec.exe repair mode...
CVE-2024-25376
An issue discovered in Thesycon Software Solutions Gmbh & Co. KG TUSBAudio MSI-based installers before 5.68.0 allows a local attacker to execute arbitrary code via the msiexec.exe repair mode...