Libreoffice

Libreoffice

64 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2025-2866

  • EPSS 0.02%
  • Veröffentlicht 27.04.2025 19:15:15
  • Zuletzt bearbeitet 03.11.2025 20:18:09

Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause...

6.5

CVE-2024-12426

  • EPSS 0.1%
  • Veröffentlicht 07.01.2025 13:15:07
  • Zuletzt bearbeitet 08.12.2025 18:35:10

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document Foundation LibreOffice. URLs could be constructed which expanded environmental variables or INI file values, so potentially s...

3.3

CVE-2024-12425

  • EPSS 0.16%
  • Veröffentlicht 07.01.2025 12:15:24
  • Zuletzt bearbeitet 08.12.2025 18:38:59

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. An attacker can write to arbitrary locations, albeit suffixed with ".ttf", by supp...

7.8

CVE-2024-7788

  • EPSS 0.05%
  • Veröffentlicht 17.09.2024 15:15:14
  • Zuletzt bearbeitet 21.11.2024 09:52:07

Improper Digital Signature Invalidation  vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before < 24.2.5.

10

CVE-2024-5261

  • EPSS 0.27%
  • Veröffentlicht 25.06.2024 13:15:50
  • Zuletzt bearbeitet 21.11.2024 09:47:17

Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++. Typically this is used by third party compo...

8.8

CVE-2023-6186

  • EPSS 1.09%
  • Veröffentlicht 11.12.2023 12:15:07
  • Zuletzt bearbeitet 13.02.2025 18:16:06

Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that c...

8.8

CVE-2023-6185

  • EPSS 1.22%
  • Veröffentlicht 11.12.2023 12:15:07
  • Zuletzt bearbeitet 13.02.2025 18:16:06

Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped wh...

5.5

CVE-2023-1183

  • EPSS 3.87%
  • Veröffentlicht 10.07.2023 16:15:48
  • Zuletzt bearbeitet 21.11.2024 07:38:37

A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.

5.3

CVE-2023-2255

  • EPSS 47.68%
  • Veröffentlicht 25.05.2023 20:15:09
  • Zuletzt bearbeitet 21.11.2024 07:58:14

Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floa...

7.8

CVE-2023-0950

  • EPSS 0.06%
  • Veröffentlicht 25.05.2023 20:15:09
  • Zuletzt bearbeitet 23.04.2025 17:16:24

Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of ...