Количество 31
Количество 31
ELSA-2023-6933
ELSA-2023-6933: libreoffice security update (MODERATE)
ELSA-2023-6508
ELSA-2023-6508: libreoffice security update (MODERATE)
CVE-2023-1183
A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.
CVE-2023-1183
A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.
CVE-2023-1183
A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.
CVE-2023-1183
A flaw was found in the Libreoffice package. An attacker can craft an ...
SUSE-SU-2023:4648-1
Security update for libreoffice
SUSE-SU-2023:4496-1
Security update for libreoffice
GHSA-5f9q-hg2v-3887
A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.
SUSE-SU-2024:0075-1
Security update for LibreOffice
SUSE-FU-2023:3696-1
Feature update for LibreOffice
SUSE-FU-2023:3413-1
Feature update for LibreOffice and xmlsec1
CVE-2022-38745
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
CVE-2022-38745
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
CVE-2022-38745
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
CVE-2022-38745
Apache OpenOffice versions before 4.1.14 may be configured to add an e ...
ROS-20230830-01
Множественные уязвимости Libreoffice
GHSA-w32v-x9j2-mv46
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
BDU:2023-01592
Уязвимость пакета офисных программ Apache OpenOffice, связанная с возможностью добавления пустой записи в путь к Java-классу, позволяющая нарушителю выполнить произвольный код
CVE-2023-2255
Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floating frames" linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2023-6933 ELSA-2023-6933: libreoffice security update (MODERATE) | больше 1 года назад | ||
| ELSA-2023-6508 ELSA-2023-6508: libreoffice security update (MODERATE) | больше 1 года назад | ||
 | CVE-2023-1183 A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker. | CVSS3: 5 | 7% Низкий | почти 2 года назад |
 | CVE-2023-1183 A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker. | CVSS3: 5 | 7% Низкий | около 2 лет назад |
 | CVE-2023-1183 A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker. | CVSS3: 5 | 7% Низкий | почти 2 года назад |
| CVE-2023-1183 A flaw was found in the Libreoffice package. An attacker can craft an ... | CVSS3: 5 | 7% Низкий | почти 2 года назад |
 | SUSE-SU-2023:4648-1 Security update for libreoffice | 7% Низкий | больше 1 года назад | |
| SUSE-SU-2023:4496-1 Security update for libreoffice | 7% Низкий | больше 1 года назад | |
| GHSA-5f9q-hg2v-3887 A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker. | CVSS3: 5 | 7% Низкий | почти 2 года назад |
| SUSE-SU-2024:0075-1 Security update for LibreOffice | больше 1 года назад | ||
| SUSE-FU-2023:3696-1 Feature update for LibreOffice | почти 2 года назад | ||
| SUSE-FU-2023:3413-1 Feature update for LibreOffice and xmlsec1 | почти 2 года назад | ||
| CVE-2022-38745 Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory. | CVSS3: 7.8 | 0% Низкий | около 2 лет назад |
| CVE-2022-38745 Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory. | CVSS3: 7.8 | 0% Низкий | около 2 лет назад |
| CVE-2022-38745 Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory. | CVSS3: 7.8 | 0% Низкий | около 2 лет назад |
| CVE-2022-38745 Apache OpenOffice versions before 4.1.14 may be configured to add an e ... | CVSS3: 7.8 | 0% Низкий | около 2 лет назад |
 | ROS-20230830-01 Множественные уязвимости Libreoffice | CVSS3: 4.8 | почти 2 года назад | |
| GHSA-w32v-x9j2-mv46 Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory. | CVSS3: 7.8 | 0% Низкий | около 2 лет назад |
 | BDU:2023-01592 Уязвимость пакета офисных программ Apache OpenOffice, связанная с возможностью добавления пустой записи в путь к Java-классу, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.8 | 0% Низкий | около 2 лет назад |
| CVE-2023-2255 Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floating frames" linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3. | CVSS3: 5.3 | 56% Средний | около 2 лет назад |
Уязвимостей на страницу