*Title:* Weak Master Keys *Announced:* July 25, 2022 *Fixed in:* LibreOffice 7.2.7/7.3.3 *Description*: LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords...
Read more about "CVE-2022-26307"...*Title:* Macro URL arbitrary script execution *Announced:* October 11, 2022 *Fixed in:* LibreOffice 7.3.6/7.4.1 *Description*: LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server....
Read more about "CVE-2022-3140"...The LibreOffice Impress Remote for Android does not collect any personal information nor any other user data. Location permissions are mandated by Android to initiate Bluetooth scanning...
Read more about "LibreOffice Impress Remote – Privacy Policy"...*Title:* Empty entry in Java class path risks arbitrary code execution *Announced:* March 24, 2023 *Fixed in:* LibreOffice 7.2.6/7.3.1 *Description*: Most versions of LibreOffice support and contain components written in...
Read more about "CVE-2022-38745"...*Title:* Array Index UnderFlow in Calc Formula Parsing *Announced:* May 24, 2023 *Fixed in:* LibreOffice 7.4.6/7.5.2 *Description*: The Spreadsheet module of LibreOffice supports various formulas that take multiple parameters. The...
Read more about "CVE-2023-0950"...*Title:* CVE-2023-2255 Remote documents loaded without prompt via IFrame *Announced:* May 24, 2023 *Fixed in:* LibreOffice 7.4.7/7.5.3 *Description*: LibreOffice supports "Floating Frames", similar to a html IFrame. The frames display...
Read more about "CVE-2023-2255"...*Title:* CVE-2023-1183: Arbitrary File Write in hsqldb 1.8.0 *Announced:* June 19, 2023 *Fixed in:* LibreOffice 7.4.6/7.5.1 *Description:* LibreOffice supports embedded databases in its odb file format. The most common format...
Read more about "CVE-2023-1183"...*Title:* CVE-2023-6185: Improper input validation enabling arbitrary Gstreamer pipeline injection *Announced:* December 11, 2023 *Fixed in:* LibreOffice 7.5.9/7.6.3 *Description:* LibreOffice supports embedded videos in file formats via platform audio/video support....
Read more about "CVE-2023-6185"...*Title:* CVE-2023-6186: Link targets allow arbitrary script execution *Announced:* December 11, 2023 *Fixed in:* LibreOffice 7.5.9/7.6.4 *Description:* LibreOffice supports hyperlinks. In addition to the typical common protocols such as http/https...
Read more about "CVE-2023-6186"...*Title:* CVE-2024-3044: Graphic on-click binding allows unchecked script execution *Announced:* May 14, 2024 *Fixed in:* LibreOffice 7.6.7/24.2.3 *Description:* LibreOffice supports binding scripts to click events on graphics. In affected version...
Read more about "CVE-2024-3044"...Page 15 of 113
Follow Us