Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libreoffice libreoffice vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-31145
Collabora Online is a collaborative online office suite based on LibreOffice technology. This vulnerability report describes a reflected XSS vulnerability with full CSP bypass in Nextcloud installations using the recommended bundle. The vulnerability can be exploited to perform a...
Collabora Online
6.1
CVSSv3
CVE-2021-43817
Collabora Online is a collaborative online office suite based on LibreOffice technology. In affected versions a reflected XSS vulnerability was found in Collabora Online. An attacker could inject unescaped HTML into a variable as they created the Collabora Online iframe, and exec...
Collabora Online
1 Github repository
5.5
CVSSv3
CVE-2023-1183
A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.
Libreoffice Libreoffice 7.5.0
Libreoffice Libreoffice
Fedoraproject Fedora 38
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
5.3
CVSSv3
CVE-2023-2255
Improper access control in editor components of The Document Foundation LibreOffice allowed an malicious user to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floating frames" l...
Libreoffice Libreoffice
Debian Debian Linux 11.0
2 Github repositories
5.3
CVSSv3
CVE-2021-41831
It is possible for an malicious user to manipulate the timestamp of signed documents. All versions of Apache OpenOffice up to 4.1.10 are affected. Users are advised to update to version 4.1.11. See CVE-2021-25634 for the LibreOffice advisory.
Apache Openoffice
5.3
CVSSv3
CVE-2018-18688
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to...
Code-industry Master Pdf Editor 5.1.12
Code-industry Master Pdf Editor 5.1.68
Foxitsoftware Foxit Reader 9.4
Foxitsoftware Phantompdf 8.3.9
Foxitsoftware Phantompdf
Gonitro Nitro Pro 11.0.3.173
Gonitro Nitro Reader 5.5.9.2
Iskysoft Pdf Editor 6 6.4.2.3521
Iskysoft Pdfelement6 6.8.0.3523
Iskysoft Pdfelement6 6.8.4.3921
Libreoffice Libreoffice 6.0.6.2
Libreoffice Libreoffice 6.1.3.2
Nuance Power Pdf Standard 3.0.0.17
Nuance Power Pdf Standard 3.0.0.30
Nuance Power Pdf Standard 7.0
Qoppa Pdf Studio 12.0.7
Qoppa Pdf Studio Viewer 2018 2018.0.1
Qoppa Pdf Studio Viewer 2018 2018.2.0
Soft-xpansion Perfect Pdf 10 10.0.0.1
Soft-xpansion Perfect Pdf Reader 13.0.3
Soft-xpansion Perfect Pdf Reader 13.1.5
Foxitsoftware Foxit Reader 9.1.0
5.3
CVSSv3
CVE-2020-12802
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote r...
Libreoffice Libreoffice
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Leap 15.2
5.3
CVSSv3
CVE-2020-12801
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was...
Libreoffice Libreoffice
Opensuse Leap 15.1
5
CVSSv3
CVE-2023-26435
It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers could discover restricted network topology and services as well as including local files with read permissions of the open-xchange system user...
Open-xchange Open-xchange Appsuite Backend
Open-xchange Open-xchange Appsuite Backend 7.10.6
4.3
CVSSv3
CVE-2019-9849
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote r...
Libreoffice Libreoffice
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »