Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libreoffice libreoffice vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2018-11790
When loading a document with Apache Open Office 4.1.5 and previous versions with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation.
Apache Openoffice
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
383
VMScore
CVE-2021-43817
Collabora Online is a collaborative online office suite based on LibreOffice technology. In affected versions a reflected XSS vulnerability was found in Collabora Online. An attacker could inject unescaped HTML into a variable as they created the Collabora Online iframe, and exec...
Collabora Online
1 Github repository
383
VMScore
CVE-2020-12803
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted w...
Libreoffice Libreoffice
Opensuse Leap 15.1
Fedoraproject Fedora 31
383
VMScore
CVE-2020-12802
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote r...
Libreoffice Libreoffice
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
383
VMScore
CVE-2012-5639
LibreOffice and OpenOffice automatically open embedded content
Libreoffice Libreoffice -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apache Openoffice -
383
VMScore
CVE-2012-4233
LibreOffice 3.5.x prior to 3.5.7.2 and 3.6.x prior to 3.6.1, and OpenOffice.org (OOo), allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon ...
Libreoffice Libreoffice 3.5.0
Libreoffice Libreoffice 3.5.3
Libreoffice Libreoffice 3.5.1
Libreoffice Libreoffice 3.5.4
Libreoffice Libreoffice 3.5.
Libreoffice Libreoffice 3.5.6
Libreoffice Libreoffice 3.5.6.1
Libreoffice Libreoffice 3.5.2
Libreoffice Libreoffice 3.5.5
Libreoffice Libreoffice 3.5.5.1
Sun Openoffice.org -
Libreoffice Libreoffice 3.5.6.2
Libreoffice Libreoffice 3.5.6.3
Libreoffice Libreoffice
Libreoffice Libreoffice 3.5
Libreoffice Libreoffice 3.5.5.2
Libreoffice Libreoffice 3.5.5.3
383
VMScore
CVE-2012-0037
Redland Raptor (aka libraptor) prior to 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice prior to 3.4.6 and 3.5.x prior to 3.5.1, and other products, allows user-assisted remote malicious users to read arbitrary files via a crafted XML external entity (XXE) declaration ...
Librdf Raptor
Libreoffice Libreoffice 3.5.0
Libreoffice Libreoffice
Apache Openoffice 3.3.0
Apache Openoffice 3.4.0
Fedoraproject Fedora 17
Fedoraproject Fedora 16
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Storage 2.0
Redhat Storage For Public Cloud 2.0
Redhat Enterprise Linux Eus 6.2
Redhat Gluster Storage Server For On-premise 2.0
Debian Debian Linux 6.0
383
VMScore
CVE-2011-2713
oowriter in OpenOffice.org 3.3.0 and LibreOffice prior to 3.4.3 allows user-assisted remote malicious users to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.
Libreoffice Libreoffice 3.3.2
Libreoffice Libreoffice 3.3.3
Sun Openoffice.org 3.3.0
Libreoffice Libreoffice 3.4.1
Libreoffice Libreoffice
Libreoffice Libreoffice 3.3.0
Libreoffice Libreoffice 3.3.1
Libreoffice Libreoffice 3.3.4
Libreoffice Libreoffice 3.4.0
356
VMScore
CVE-2020-27604
BigBlueButton prior to 2.3 does not implement LibreOffice sandboxing. This might make it easier for remote authenticated users to read the API shared secret in the bigbluebutton.properties file. With the API shared secret, an attacker can (for example) use api/join to join an arb...
Bigbluebutton Bigbluebutton
356
VMScore
CVE-2019-9849
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote r...
Libreoffice Libreoffice
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »