*Title:* CVE-2024-5261: TLS certificate are not properly verified when utilizing LibreOfficeKit *Announced:* Jun 25, 2024 *Fixed in:* LibreOffice 24.2.4 *Description:* LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++....
Read more about "CVE-2024-5261"...*Title:* CVE-2024-6472: Ability to trust not validated macro signatures removed in high security mode *Announced:* Aug 05, 2024 *Fixed in:* LibreOffice 24.2.5 *Description:* Signed macros are scripts that have been...
Read more about "CVE-2024-6472"...*Title:* CVE-2024-7788: Signatures in "repair mode" should not be trusted *Announced:* Sep 17, 2024 *Fixed in:* LibreOffice 24.2.5 and 24.8.0 *Description:* Various file formats are based on the zip file...
Read more about "CVE-2024-7788"...*Title:* CVE-2024-12425: Path traversal leading to arbitrary .ttf file write *Announced:* Jan 7, 2025 *Fixed in:* LibreOffice 24.8.4 *Description:* Various file formats can contain embedded font files which are extracted...
Read more about "CVE-2024-12425"...*Title:* CVE-2024-12426: URL fetching can be used to exfiltrate arbitrary INI file values and environment variables *Announced:* Jan 7, 2025 *Fixed in:* LibreOffice 24.8.4 *Description:* URLs could be constructed which...
Read more about "CVE-2024-12426"...Page 16 of 113
Follow Us