📦 Libreoffice
by Libreoffice
🔍 What is Libreoffice?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
LibreOfficeKit mode in LibreOffice versions before 24.2.4 disables TLS certificate verification when fetching remote resources via curl, allowing man-in-the-middle attacks. This affects third-party ap...
This vulnerability in LibreOffice allows attackers to craft malicious links using the 'vnd.libreoffice.command' URI scheme that can execute internal macros with arbitrary arguments when clicked in a b...
This vulnerability in LibreOffice allows attackers to execute arbitrary Windows executables through malicious hyperlinks. When a user clicks on a specially crafted hyperlink in a document, the executa...
This vulnerability in LibreOffice's certificate validation UI could allow users to inadvertently run malicious signed macros when certificate verification fails. The interface previously didn't clearl...
This vulnerability in LibreOffice allows attackers to execute built-in macros without user warnings by exploiting insufficient permission validation in hyperlinks. Users who open malicious documents i...
LibreOffice improperly validates macro signatures by only checking certificate serial numbers and issuer strings, not the actual cryptographic signature. Attackers can create fake certificates matchin...
A flaw in LibreOffice's password storage system weakens encryption from 128-bit to 43-bit entropy, making stored web connection passwords vulnerable to brute-force attacks if an attacker gains access ...
This vulnerability allows an attacker to create a digitally signed LibreOffice document that appears valid but actually uses a different key for verification than what's displayed to the user. Attacke...
LibreOffice has an improper certificate validation vulnerability that allows attackers to modify digitally signed ODF documents and insert bogus signing timestamps. LibreOffice incorrectly presents th...
This vulnerability allows attackers to create digitally signed LibreOffice documents that appear valid but contain manipulated content unrelated to the displayed signature. By tampering with certifica...
This CVE describes an authentication bypass vulnerability in LibreOffice on macOS where the bundled Python interpreter inherits the main application's TCC permissions. Attackers can execute scripts di...
A cryptographic signature verification flaw in LibreOffice allows attackers to spoof PDF signatures by making invalid signatures appear valid. This affects users who rely on LibreOffice's PDF signatur...
This vulnerability allows attackers to forge digital signatures in LibreOffice documents. An attacker can modify a signed ODF document to use an invalid signature algorithm, making LibreOffice incorre...
This vulnerability in LibreOffice allows attackers to embed malicious scripts in documents that execute automatically when users click on graphics, bypassing previous security prompts. It affects Libr...