Vulnerabilities > Libreoffice
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-03 | CVE-2021-25631 | Unspecified vulnerability in Libreoffice 7.0.4/7.1.0/7.1.1 In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type. | 9.3 |
| 2021-01-07 | CVE-2018-18688 | Improper Verification of Cryptographic Signature vulnerability in multiple products The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. network low complexity code-industry foxitsoftware gonitro iskysoft libreoffice nuance qoppa soft-xpansion CWE-347 | 5.0 |
| 2020-06-08 | CVE-2020-12803 | Improper Input Validation vulnerability in multiple products ODF documents can contain forms to be filled out by the user. | 4.3 |
| 2020-06-08 | CVE-2020-12802 | Information Exposure vulnerability in multiple products LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. | 4.3 |
| 2020-05-18 | CVE-2020-12801 | Missing Encryption of Sensitive Data vulnerability in Libreoffice If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. | 5.0 |
| 2019-12-20 | CVE-2012-5639 | Improper Input Validation vulnerability in multiple products LibreOffice and OpenOffice automatically open embedded content | 4.3 |
| 2019-09-27 | CVE-2019-9853 | Improper Encoding or Escaping of Output vulnerability in Libreoffice LibreOffice documents can contain macros. | 6.8 |
| 2019-09-06 | CVE-2019-9855 | Channel and Path Errors vulnerability in Libreoffice LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. | 7.5 |
| 2019-09-06 | CVE-2019-9854 | Path Traversal vulnerability in multiple products LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. | 6.8 |
| 2019-08-15 | CVE-2019-9852 | Path Traversal vulnerability in multiple products LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. | 7.5 |