Filtered by vendor Libreoffice
Subscribe
Total
60 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6871 | 4 Canonical, Debian, Libreoffice and 1 more | 9 Ubuntu Linux, Debian Linux, Libreoffice and 6 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. | |||||
| CVE-2018-14939 | 1 Libreoffice | 1 Libreoffice | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site. | |||||
| CVE-2018-10583 | 5 Apache, Canonical, Debian and 2 more | 7 Openoffice, Ubuntu Linux, Debian Linux and 4 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. | |||||
| CVE-2018-10120 | 4 Canonical, Debian, Libreoffice and 1 more | 6 Ubuntu Linux, Debian Linux, Libreoffice and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record. | |||||
| CVE-2018-10119 | 4 Canonical, Debian, Libreoffice and 1 more | 6 Ubuntu Linux, Debian Linux, Libreoffice and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format. | |||||
| CVE-2017-8358 | 1 Libreoffice | 1 Libreoffice | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in vcl/source/filter/jpeg/jpegc.cxx. | |||||
| CVE-2017-7882 | 1 Libreoffice | 1 Libreoffice | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx. | |||||
| CVE-2017-7870 | 1 Libreoffice | 1 Libreoffice | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. | |||||
| CVE-2017-7856 | 1 Libreoffice | 1 Libreoffice | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx. | |||||
| CVE-2017-14226 | 2 Libreoffice, Libwpd | 2 Libreoffice, Libwpd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| WP1StylesListener.cpp, WP5StylesListener.cpp, and WP42StylesListener.cpp in libwpd 0.10.1 mishandle iterators, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the WPXTableList class in WPXTable.cpp). This vulnerability can be triggered in LibreOffice before 5.3.7. It may lead to suffering a remote attack against a LibreOffice application. | |||||
| CVE-2016-4324 | 3 Canonical, Debian, Libreoffice | 3 Ubuntu Linux, Debian Linux, Libreoffice | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Use-after-free vulnerability in LibreOffice before 5.1.4 allows remote attackers to execute arbitrary code via a crafted RTF file, related to stylesheet and superscript tokens. | |||||
| CVE-2016-10327 | 1 Libreoffice | 1 Libreoffice | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx. | |||||
| CVE-2016-0795 | 2 Canonical, Libreoffice | 2 Ubuntu Linux, Libreoffice | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document. | |||||
| CVE-2016-0794 | 2 Canonical, Libreoffice | 2 Ubuntu Linux, Libreoffice | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document. | |||||
| CVE-2015-5214 | 4 Apache, Canonical, Debian and 1 more | 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
| LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file. | |||||
| CVE-2015-5213 | 4 Apache, Canonical, Debian and 1 more | 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
| Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow. | |||||
| CVE-2015-5212 | 4 Apache, Canonical, Debian and 1 more | 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
| Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document. | |||||
| CVE-2015-4551 | 4 Apache, Canonical, Debian and 1 more | 4 Openoffice, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 4.3 MEDIUM | N/A |
| LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer. | |||||
| CVE-2015-1774 | 6 Apache, Canonical, Debian and 3 more | 8 Openoffice, Ubuntu Linux, Debian Linux and 5 more | 2024-11-21 | 6.8 MEDIUM | N/A |
| The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write. | |||||
| CVE-2014-9093 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 7.5 HIGH | N/A |
| LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file. | |||||