6 matches found
Astra Linux – Vulnerability in LibreOffice
There is a vulnerability in input validation in the GStreamer integration of The Document Foundation LibreOffice, which allows an attacker to execute arbitrary GStreamer plugins. In affected versions, the filename of the embedded video is not properly escaped when passed to GStreamer, enabling an...
Fireshare 命令注入漏洞
Fireshare is a media hosting software by the individual developer Shane Israel. A command injection vulnerability exists in Fireshare versions 1.2.30 and earlier, which stems from uploading a video file with the filename spliced directly into a shell command, which could lead to remote code...
PT-2025-50895
Name of the Vulnerable Software and Affected Versions Fireshare versions 1.2.30 and below Description Fireshare is a self-hosted media and link sharing platform. Versions 1.2.30 and below allow an authenticated user, or an unauthenticated user if Public Uploads are enabled, to construct a malicio...
CLSA-2025-1744927038 libreoffice: Fix of CVE-2023-6185
CVE-2023-6185: escape filename of embedded video to prevent execution of arbitrary GStreamer plugins...
PT-2023-7886 · Document Foundation +10 · Libreoffice +10
Name of the Vulnerable Software and Affected Versions: LibreOffice affected versions not specified Description: The issue is related to improper input validation in the GStreamer integration of LibreOffice, allowing an attacker to execute arbitrary GStreamer plugins. In affected versions, the...
UBUNTU-CVE-2023-6185
Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling an attacker to r...