6.1.3.2

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-10	CVE-2023-1183	Path Traversal vulnerability in multiple products A flaw was found in the Libreoffice package. local low complexity libreoffice fedoraproject redhat CWE-22	5.5
2021-01-07	CVE-2018-18688	Improper Verification of Cryptographic Signature vulnerability in multiple products The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. network low complexity code-industry foxitsoftware gonitro iskysoft libreoffice nuance qoppa soft-xpansion CWE-347	5.3
2020-06-08	CVE-2020-12803	Improper Input Validation vulnerability in multiple products ODF documents can contain forms to be filled out by the user. network low complexity libreoffice opensuse fedoraproject CWE-20	6.5
2020-06-08	CVE-2020-12802	LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. network low complexity libreoffice fedoraproject opensuse	5.3
2019-08-15	CVE-2019-9852	Path Traversal vulnerability in multiple products LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. local low complexity debian canonical opensuse fedoraproject libreoffice CWE-22	7.8
2019-08-15	CVE-2019-9851	Improper Input Validation vulnerability in multiple products LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. network low complexity debian canonical opensuse fedoraproject libreoffice CWE-20 critical	9.8
2019-08-15	CVE-2019-9850	Improper Input Validation vulnerability in multiple products LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. network low complexity debian canonical opensuse fedoraproject libreoffice CWE-20 critical	9.8
2019-07-17	CVE-2019-9849	LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. network low complexity libreoffice canonical fedoraproject debian opensuse	4.3
2019-07-17	CVE-2019-9848	Code Injection vulnerability in multiple products LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. network low complexity libreoffice canonical fedoraproject debian opensuse CWE-94 critical	9.8
2019-05-09	CVE-2019-9847	Improper Input Validation vulnerability in Libreoffice A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. local low complexity libreoffice CWE-20	7.8