Libreoffice

Libreoffice

69 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2025-2866

  • EPSS 0.03%
  • Veröffentlicht 27.04.2025 19:15:15
  • Zuletzt bearbeitet 03.11.2025 20:18:09

Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause...

5.5

CVE-2021-25635

  • EPSS 0.04%
  • Veröffentlicht 21.03.2025 14:52:50
  • Zuletzt bearbeitet 10.12.2025 19:18:58

An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid (or unknown to LibreOffice) ...

7.8

CVE-2025-1080

  • EPSS 0.07%
  • Veröffentlicht 04.03.2025 20:15:36
  • Zuletzt bearbeitet 10.12.2025 18:26:24

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a brow...

7.8

CVE-2025-0514

  • EPSS 0.05%
  • Veröffentlicht 25.02.2025 22:15:14
  • Zuletzt bearbeitet 10.12.2025 19:21:24

Improper Input Validation vulnerability in The Document Foundation LibreOffice allows Windows Executable hyperlink targets to be executed unconditionally on activation.This issue affects LibreOffice: from 24.8 before < 24.8.5.

6.5

CVE-2024-12426

  • EPSS 0.13%
  • Veröffentlicht 07.01.2025 13:15:07
  • Zuletzt bearbeitet 08.12.2025 18:35:10

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially s...

3.3

CVE-2024-12425

  • EPSS 0.22%
  • Veröffentlicht 07.01.2025 12:15:24
  • Zuletzt bearbeitet 08.12.2025 18:38:59

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. An attacker can write to arbitrary locations, albeit suffixed with ".ttf", by supp...

7.8

CVE-2024-7788

  • EPSS 0.05%
  • Veröffentlicht 17.09.2024 15:15:14
  • Zuletzt bearbeitet 21.11.2024 09:52:07

Improper Digital Signature Invalidation  vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before < 24.2.5.

7.8

CVE-2024-6472

  • EPSS 0.07%
  • Veröffentlicht 05.08.2024 13:15:47
  • Zuletzt bearbeitet 10.12.2025 19:22:16

Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a war...

9.8

CVE-2024-5261

  • EPSS 0.57%
  • Veröffentlicht 25.06.2024 13:15:50
  • Zuletzt bearbeitet 23.12.2025 17:23:42

Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++. Typically this is used by third party compo...

6.5

CVE-2024-3044

  • EPSS 2.36%
  • Veröffentlicht 14.05.2024 21:15:12
  • Zuletzt bearbeitet 10.12.2025 19:10:17

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deeme...