Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libreoffice libreoffice vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2018-1055
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-6871. Reason: This candidate is a reservation duplicate of CVE-2018-6871. Notes: All CVE users should reference CVE-2018-6871 instead of this candidate. All references and descriptions in this candidate have ...
7.2
CVSSv2
CVE-2021-25630
"loolforkit" is a privileged program that is supposed to be run by a special, non-privileged "lool" user. Before doing anything else "loolforkit" checks, if it was invoked by the "lool" user, and refuses to run with privileges, if it's...
Collaboraoffice Online
NA
CVE-2021-25635
No description is available for this CVE.
5
CVSSv2
CVE-2020-27603
BigBlueButton prior to 2.2.27 has an unsafe JODConverter setting in which LibreOffice document conversions can access external files.
Bigbluebutton Bigbluebutton
1 Github repository
NA
CVE-2023-36268
An issue in The Document Foundation Libreoffice v.7.4.7 allows a remote malicious user to cause a denial of service via a crafted .ppt file.
5
CVSSv2
CVE-2021-41831
It is possible for an malicious user to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory.
Apache Openoffice
7.5
CVSSv2
CVE-2020-13451
An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg up to and including 6.2.1 allows an malicious user to overwrite LibreOffice configuration files and execute arbitrary code via macros.
Thecodingmachine Gotenberg
1 Github repository
5
CVSSv2
CVE-2021-41832
It is possible for an malicious user to manipulate documents to appear to be signed by a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25635 for the LibreOffice advisory.
Apache Openoffice
5
CVSSv2
CVE-2021-41830
It is possible for an malicious user to manipulate signed documents and macros to appear to come from a trusted source. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25633 for the LibreOffice advisory.
Apache Openoffice
9.3
CVSSv2
CVE-2021-25631
In the LibreOffice 7-1 series in versions before 7.1.2, and in the 7-0 series in versions before 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »