Document Server@* Security Vulnerabilities and Issues — Document Server@* CVE List

Lucene search

OnlyofficeDocument Server*

4 matches found

CVE•added 2023/03/19 1:15 a.m.•53 views

CVE-2022-48422

ONLYOFFICE Docs through 7.3 on certain Linux distributions allows local users to gain privileges via a Trojan horse libgcc_s.so.1 in the current working directory, which may be any directory in which an ONLYOFFICE document is located.

7.8CVSS7.5AI score0.00026EPSS

CVE•added 2023/08/14 1:15 p.m.•51 views

CVE-2023-30188

Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file.

7.5CVSS7.3AI score0.00846EPSS

CVE•added 2023/08/14 1:15 p.m.•45 views

CVE-2023-30186

A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.

9.8CVSS9.6AI score0.00934EPSS

CVE•added 2023/08/14 1:15 p.m.•36 views

CVE-2023-30187

An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.

9.8CVSS9.5AI score0.00934EPSS