Vendor CVEs
Libreoffice
All CVEs
56 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-9847 | 0.00 | — | 0.01 | May 9, 2019 | A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. If the hyperlink is activated by the victim the executable target is unconditionally… | |||
| CVE-2014-9093 | 0.00 | — | 0.04 | Nov 26, 2014 | LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file. | |||
| CVE-2014-3693 | 0.00 | — | 0.05 | Nov 7, 2014 | Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599. | |||
| CVE-2014-0247 | 0.00 | — | 0.04 | Jul 3, 2014 | LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx. | |||
| CVE-2012-4233 | 0.00 | — | 0.03 | Nov 19, 2012 | LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in… | |||
| CVE-2011-2713 | 0.00 | — | 0.03 | Oct 21, 2011 | oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser. |
- CVE-2019-9847May 9, 2019risk 0.00cvss —epss 0.01
A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. If the hyperlink is activated by the victim the executable target is unconditionally…
- CVE-2014-9093Nov 26, 2014risk 0.00cvss —epss 0.04
LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.
- CVE-2014-3693Nov 7, 2014risk 0.00cvss —epss 0.05
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599.
- CVE-2014-0247Jul 3, 2014risk 0.00cvss —epss 0.04
LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.
- CVE-2012-4233Nov 19, 2012risk 0.00cvss —epss 0.03
LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in…
- CVE-2011-2713Oct 21, 2011risk 0.00cvss —epss 0.03
oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.
Page 2 of 2