Search
Search Results (63 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-10583 | 5 Apache, Canonical, Debian and 2 more | 8 Openoffice, Ubuntu Linux, Debian Linux and 5 more | 2024-11-21 | N/A |
| An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. | ||||
| CVE-2018-10120 | 4 Canonical, Debian, Libreoffice and 1 more | 7 Ubuntu Linux, Debian Linux, Libreoffice and 4 more | 2024-11-21 | N/A |
| The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record. | ||||
| CVE-2018-10119 | 4 Canonical, Debian, Libreoffice and 1 more | 7 Ubuntu Linux, Debian Linux, Libreoffice and 4 more | 2024-11-21 | N/A |
| sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format. | ||||