Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libreoffice libreoffice vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3044
Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an malicious user to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now de...
NA
CVE-2023-36268
An issue in The Document Foundation Libreoffice v.7.4.7 allows a remote malicious user to cause a denial of service via a crafted .ppt file.
NA
CVE-2024-29182
Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vulnerability was found in Collabora Online. An attacker could create a document with an XSS payload in document text referenced by field which, if hovered over to produce ...
NA
CVE-2024-30265
Collabora Online is a collaborative online office suite based on LibreOffice technology. Any deployment of voilà dashboard allow local file inclusion. Any file on a filesystem that is readable by the user that runs the voilà dashboard server can be downloaded by som...
NA
CVE-2024-25114
Collabora Online is a collaborative online office suite based on LibreOffice technology. Each document in Collabora Online is opened by a separate "Kit" instance in a different "jail" with a unique directory "jailID" name. For security reasons, this ...
9.8
CVSSv3
CVE-2023-6848
A vulnerability was found in kalcaddle kodbox up to 1.48. It has been declared as critical. Affected by this vulnerability is the function check of the file plugins/officeViewer/controller/libreOffice/index.class.php. The manipulation of the argument soffice leads to command inje...
Kodcloud Kodbox
8.8
CVSSv3
CVE-2023-6186
Insufficient macro permission validation of The Document Foundation LibreOffice allows an malicious user to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activ...
Libreoffice Libreoffice
Fedoraproject Fedora 38
Debian Debian Linux 11.0
Debian Debian Linux 12.0
8.8
CVSSv3
CVE-2023-6185
Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an malicious user to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer en...
Libreoffice Libreoffice
Fedoraproject Fedora 38
Debian Debian Linux 11.0
Debian Debian Linux 12.0
6.1
CVSSv3
CVE-2023-49782
Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with `Collabora Online - Built-in CODE Server` app can be vulnerable to attack via proxy.php. The bug was fixed in Collabora Online - Built-in CODE Server (richdocumentscod...
Collaboraoffice Richdocumentscode
7.2
CVSSv3
CVE-2023-49788
Collabora Online is a collaborative online office suite based on LibreOffice technology. Unlike a standalone dedicated Collabora Online server, the Built-in CODE Server (richdocumentscode) is run without chroot sandboxing. Vulnerable versions of the richdocumentscode app can be s...
Collaboraoffice Richdocumentscode
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »