Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Libreoffice Security Vulnerabilities

cve
cve

CVE-2012-5639

LibreOffice and OpenOffice automatically open embedded...

6.5CVSS

6.5AI Score

0.004EPSS

2019-12-20 02:15 PM
53
cve
cve

CVE-2018-10120

The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have...

7.8CVSS

8.1AI Score

0.016EPSS

2018-04-16 09:58 AM
98
cve
cve

CVE-2018-10119

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted...

7.8CVSS

7.9AI Score

0.016EPSS

2018-04-16 09:58 AM
133
cve
cve

CVE-2018-10583

An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt.....

7.5CVSS

7AI Score

0.19EPSS

2018-05-01 04:29 PM
134
cve
cve

CVE-2018-18688

The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or...

5.3CVSS

6.7AI Score

0.002EPSS

2021-01-07 06:15 PM
36
1
cve
cve

CVE-2018-14939

The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other...

9.8CVSS

9.9AI Score

0.002EPSS

2018-08-05 06:29 PM
90
cve
cve

CVE-2018-6871

LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE...

9.8CVSS

9.1AI Score

0.593EPSS

2018-02-09 06:29 AM
201
cve
cve

CVE-2017-14226

WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice...

7.5CVSS

7.2AI Score

0.005EPSS

2017-09-09 08:29 AM
483