Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libreoffice libreoffice vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-6848
A vulnerability was found in kalcaddle kodbox up to 1.48. It has been declared as critical. Affected by this vulnerability is the function check of the file plugins/officeViewer/controller/libreOffice/index.class.php. The manipulation of the argument soffice leads to command inje...
Kodcloud Kodbox
9.8
CVSSv3
CVE-2021-43527
NSS (Network Security Services) versions before 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. A...
Mozilla Nss Esr
Mozilla Nss
Netapp Cloud Backup -
Netapp E-series Santricity Os Controller
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Oracle Communications Policy Management 12.6.0.0.0
Starwindsoftware Starwind Virtual San V8r13
Starwindsoftware Starwind San \\& Nas V8r13
9.8
CVSSv3
CVE-2020-13451
An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg up to and including 6.2.1 allows an malicious user to overwrite LibreOffice configuration files and execute arbitrary code via macros.
Thecodingmachine Gotenberg
1 Github repository
9.8
CVSSv3
CVE-2019-9855
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be...
Libreoffice Libreoffice
Opensuse Leap 15.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2019-9850
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be...
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Libreoffice Libreoffice
9.8
CVSSv3
CVE-2019-9851
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calling LibreLogo from document eve...
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 29
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Libreoffice Libreoffice
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2019-9848
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into e...
Libreoffice Libreoffice
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
3 Articles
9.8
CVSSv3
CVE-2018-14939
The get_app_path function in desktop/unx/source/start.c in LibreOffice up to and including 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow malicious users to cause a denial of service (buffer overflow and application crash) o...
Libreoffice Libreoffice
9.8
CVSSv3
CVE-2017-8358
LibreOffice prior to 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx.
Libreoffice Libreoffice
9.8
CVSSv3
CVE-2014-9654
The Regular Expressions package in International Components for Unicode (ICU) for C/C++ prior to 2014-12-03, as used in Google Chrome prior to 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote malicious us...
Google Chrome
Icu-project International Components For Unicode
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »