Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libreoffice vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-9850
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be...
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Libreoffice Libreoffice
6.8
CVSSv2
CVE-2019-9854
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of th...
Libreoffice Libreoffice
Redhat Enterprise Linux 7.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.0
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 29
Redhat Enterprise Linux 8.0
Opensuse Leap 15.1
7.5
CVSSv2
CVE-2012-1149
Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice prior to 3.5.3, allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image ob...
Libreoffice Libreoffice
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Server Eus 6.2.z
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Apache Openoffice.org 3.4
Apache Openoffice.org 3.3.0
Fedoraproject Fedora 16
Fedoraproject Fedora 15
7.5
CVSSv2
CVE-2012-2665
Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice prior to 3.5.5 allow remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) fil...
Apache Openoffice
Libreoffice Libreoffice
Redhat Enterprise Linux 6.0
Canonical Ubuntu Linux 11.04
Redhat Enterprise Linux Server From Rhui 6 6.0
Redhat Enterprise Linux For Ibm Z Systems 6.0
Canonical Ubuntu Linux 11.10
Debian Debian Linux 7.0
Debian Debian Linux 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux For Power Big Endian 6.0
Redhat Enterprise Linux Workstation 6.0
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
NA
CVE-2018-16858
This Metasploit module generates an ODT file with a mouse over event that when triggered, will execute arbitrary code.
1 EDB exploit
6 Github repositories
2 Articles
4.6
CVSSv2
CVE-2018-11790
When loading a document with Apache Open Office 4.1.5 and previous versions with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation.
Apache Openoffice
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
6.8
CVSSv2
CVE-2016-1513
The Impress tool in Apache OpenOffice 4.1.2 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.
Apache Openoffice
6.8
CVSSv2
CVE-2017-12607
A vulnerability in OpenOffice's PPT file parser prior to 4.1.4, and specifically in PPTStyleSheet, allows malicious users to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
Apache Openoffice
Debian Debian Linux 7.0
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2017-12608
A vulnerability in Apache OpenOffice Writer DOC file parser prior to 4.1.4, and specifically in ImportOldFormatStyles, allows malicious users to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary cod...
Apache Openoffice
Debian Debian Linux 8.0
Debian Debian Linux 7.0
NA
CVE-2022-38745
Apache OpenOffice versions prior to 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
Apache Openoffice
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »