VYPR

Libreoffice

by Libreoffice

Source repositories

CVEs (56)

  • CVE-2026-6045MedJun 15, 2026
    risk 0.35cvss epss 0.00

    LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The number of gradient blend points was read from the file and used to compute an allocation size, but that multiplication could…

  • CVE-2026-6040MedJun 15, 2026
    risk 0.35cvss epss 0.00

    A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that…

  • CVE-2026-6039MedJun 15, 2026
    risk 0.35cvss epss 0.00

    LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a DXF polyline. The point count taken from the file was truncated to a 16-bit value when the point buffer was sized, while the full count was used to fill it, so…

  • CVE-2018-16858Mar 25, 2019
    risk 0.03cvss epss 0.68

    It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python…

  • CVE-2023-1183Jul 10, 2023
    risk 0.01cvss epss 0.66

    A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.

  • CVE-2015-5214Nov 10, 2015
    risk 0.01cvss epss 0.10

    LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.

  • CVE-2015-5213Nov 10, 2015
    risk 0.01cvss epss 0.13

    Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.

  • CVE-2015-5212Nov 10, 2015
    risk 0.01cvss epss 0.09

    Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly…

  • CVE-2015-4551Nov 10, 2015
    risk 0.01cvss epss 0.14

    LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which…

  • CVE-2015-1774Apr 28, 2015
    risk 0.01cvss epss 0.08

    The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.

  • CVE-2014-3575Aug 27, 2014
    risk 0.01cvss epss 0.10

    The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects.

  • CVE-2014-3524Aug 26, 2014
    risk 0.01cvss epss 0.15

    Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet.

  • CVE-2012-2665Aug 6, 2012
    risk 0.01cvss epss 0.07

    Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with…

  • CVE-2012-1149Jun 21, 2012
    risk 0.01cvss epss 0.14

    Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object,…

  • CVE-2012-2334Jun 19, 2012
    risk 0.01cvss epss 0.13

    Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher…

  • CVE-2011-2685Jul 21, 2011
    risk 0.01cvss epss 0.07

    Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file.

  • CVE-2025-14714Dec 15, 2025
    risk 0.00cvss epss 0.00

    An Authentication Bypass vulnerability existed where the application bundled an interpreter (Python) that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle By executing the bundled interpreter directly the…

  • CVE-2025-2866Apr 27, 2025
    risk 0.00cvss epss 0.00

    Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be…

  • CVE-2021-25635Mar 21, 2025
    risk 0.00cvss epss 0.00

    An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid (or unknown to LibreOffice) algorithm and LibreOffice…

  • CVE-2025-1080Mar 4, 2025
    risk 0.00cvss epss 0.00

    LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could…