Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libreoffice libreoffice vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-27603
BigBlueButton prior to 2.2.27 has an unsafe JODConverter setting in which LibreOffice document conversions can access external files.
Bigbluebutton Bigbluebutton
1 Github repository
7.5
CVSSv3
CVE-2017-14226
WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote malicious users to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be trigg...
Libreoffice Libreoffice
Libwpd Libwpd 0.10.1
7.2
CVSSv3
CVE-2023-49788
Collabora Online is a collaborative online office suite based on LibreOffice technology. Unlike a standalone dedicated Collabora Online server, the Built-in CODE Server (richdocumentscode) is run without chroot sandboxing. Vulnerable versions of the richdocumentscode app can be s...
Collaboraoffice Richdocumentscode
6.5
CVSSv3
CVE-2020-27604
BigBlueButton prior to 2.3 does not implement LibreOffice sandboxing. This might make it easier for remote authenticated users to read the API shared secret in the bigbluebutton.properties file. With the API shared secret, an attacker can (for example) use api/join to join an arb...
Bigbluebutton Bigbluebutton
6.5
CVSSv3
CVE-2020-12803
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted w...
Libreoffice Libreoffice
Opensuse Leap 15.1
Fedoraproject Fedora 31
6.5
CVSSv3
CVE-2012-5639
LibreOffice and OpenOffice automatically open embedded content
Libreoffice Libreoffice -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apache Openoffice -
6.5
CVSSv3
CVE-2012-0037
Redland Raptor (aka libraptor) prior to 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice prior to 3.4.6 and 3.5.x prior to 3.5.1, and other products, allows user-assisted remote malicious users to read arbitrary files via a crafted XML external entity (XXE) declaration ...
Librdf Raptor
Libreoffice Libreoffice 3.5.0
Libreoffice Libreoffice
Apache Openoffice 3.3.0
Apache Openoffice 3.4.0
Fedoraproject Fedora 17
Fedoraproject Fedora 16
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Storage 2.0
Redhat Storage For Public Cloud 2.0
Redhat Enterprise Linux Eus 6.2
Redhat Gluster Storage Server For On-premise 2.0
Debian Debian Linux 6.0
6.3
CVSSv3
CVE-2022-3140
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be con...
Libreoffice Libreoffice 7.4.0
Libreoffice Libreoffice
Debian Debian Linux 11.0
Fedoraproject Fedora 35
6.1
CVSSv3
CVE-2023-49782
Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with `Collabora Online - Built-in CODE Server` app can be vulnerable to attack via proxy.php. The bug was fixed in Collabora Online - Built-in CODE Server (richdocumentscod...
Collaboraoffice Richdocumentscode
6.1
CVSSv3
CVE-2023-48314
Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with Collabora Online Built-in CODE Server app can be vulnerable to attack via proxy.php. This vulnerability has been fixed in Collabora Online - Built-in CODE Server (rich...
Collaboraoffice Collabora Online
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »