Libreoffice

Libreoffice

62 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2025-2866

  • EPSS 0.02%
  • Veröffentlicht 27.04.2025 19:15:15
  • Zuletzt bearbeitet 03.07.2025 21:26:26

Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause...

7.8

CVE-2024-7788

  • EPSS 0.03%
  • Veröffentlicht 17.09.2024 15:15:14
  • Zuletzt bearbeitet 21.11.2024 09:52:07

Improper Digital Signature Invalidation  vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before < 24.2.5.

10

CVE-2024-5261

  • EPSS 0.26%
  • Veröffentlicht 25.06.2024 13:15:50
  • Zuletzt bearbeitet 21.11.2024 09:47:17

Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++. Typically this is used by third party compo...

8.8

CVE-2023-6186

  • EPSS 1.09%
  • Veröffentlicht 11.12.2023 12:15:07
  • Zuletzt bearbeitet 13.02.2025 18:16:06

Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that c...

8.8

CVE-2023-6185

  • EPSS 1.32%
  • Veröffentlicht 11.12.2023 12:15:07
  • Zuletzt bearbeitet 13.02.2025 18:16:06

Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped wh...

5.5

CVE-2023-1183

  • EPSS 4.98%
  • Veröffentlicht 10.07.2023 16:15:48
  • Zuletzt bearbeitet 21.11.2024 07:38:37

A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.

5.3

CVE-2023-2255

  • EPSS 54.13%
  • Veröffentlicht 25.05.2023 20:15:09
  • Zuletzt bearbeitet 21.11.2024 07:58:14

Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floa...

7.8

CVE-2023-0950

  • EPSS 0.06%
  • Veröffentlicht 25.05.2023 20:15:09
  • Zuletzt bearbeitet 23.04.2025 17:16:24

Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of ...

6.3

CVE-2022-3140

  • EPSS 1.1%
  • Veröffentlicht 11.10.2022 21:15:16
  • Zuletzt bearbeitet 21.11.2024 07:18:54

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that...

8.8

CVE-2022-26307

  • EPSS 0.22%
  • Veröffentlicht 25.07.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:53:43

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where master key was poorly encode...