Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libreoffice libreoffice vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-0950
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an malicious user to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malf...
Libreoffice Libreoffice
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2021-25633
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed...
Libreoffice Libreoffice
Debian Debian Linux 11.0
7.5
CVSSv3
CVE-2022-26306
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption wa...
Libreoffice Libreoffice
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2022-26307
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where master key was poorly encoded resulting in weakening...
Libreoffice Libreoffice
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2021-25634
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed...
Libreoffice Libreoffice
Debian Debian Linux 11.0
6.5
CVSSv3
CVE-2020-12803
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted w...
Libreoffice Libreoffice
Opensuse Leap 15.1
Fedoraproject Fedora 31
9.8
CVSSv3
CVE-2019-9855
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be...
Libreoffice Libreoffice
Opensuse Leap 15.0
Opensuse Leap 15.1
5.3
CVSSv3
CVE-2020-12802
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote r...
Libreoffice Libreoffice
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
8.8
CVSSv3
CVE-2023-6186
Insufficient macro permission validation of The Document Foundation LibreOffice allows an malicious user to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activ...
Libreoffice Libreoffice
Fedoraproject Fedora 38
Debian Debian Linux 11.0
Debian Debian Linux 12.0
8.8
CVSSv3
CVE-2023-6185
Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an malicious user to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer en...
Libreoffice Libreoffice
Fedoraproject Fedora 38
Debian Debian Linux 11.0
Debian Debian Linux 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »