Vulnerabilities > Apache > Openoffice

DATE CVE VULNERABILITY TITLE RISK
2023-12-29 CVE-2023-47804 Argument Injection or Modification vulnerability in Apache Openoffice
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments.
network
low complexity
apache CWE-88
8.8
2023-03-24 CVE-2022-38745 Insecure Default Initialization of Resource vulnerability in Apache Openoffice
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path.
local
low complexity
apache CWE-1188
7.8
2023-03-24 CVE-2022-47502 Argument Injection or Modification vulnerability in Apache Openoffice
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments.
local
low complexity
apache CWE-88
7.8
2022-08-15 CVE-2022-37400 Use of Insufficiently Random Values vulnerability in Apache Openoffice
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database.
network
low complexity
apache CWE-330
8.8
2022-08-15 CVE-2022-37401 Insufficient Entropy vulnerability in Apache Openoffice
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database.
network
low complexity
apache CWE-331
8.8
2021-10-11 CVE-2021-41830 Improper Verification of Cryptographic Signature vulnerability in Apache Openoffice
It is possible for an attacker to manipulate signed documents and macros to appear to come from a trusted source.
network
low complexity
apache CWE-347
7.5
2021-10-11 CVE-2021-41831 Improper Verification of Cryptographic Signature vulnerability in Apache Openoffice
It is possible for an attacker to manipulate the timestamp of signed documents.
network
low complexity
apache CWE-347
5.3
2021-10-11 CVE-2021-41832 Improper Verification of Cryptographic Signature vulnerability in Apache Openoffice
It is possible for an attacker to manipulate documents to appear to be signed by a trusted source.
network
low complexity
apache CWE-347
7.5
2021-10-07 CVE-2021-28129 Unspecified vulnerability in Apache Openoffice 4.1.8
While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500.
local
low complexity
apache
7.8
2021-10-07 CVE-2021-40439 XXE vulnerability in Apache Openoffice
Apache OpenOffice has a dependency on expat software.
network
low complexity
apache CWE-611
6.5