Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-10	CVE-2023-1183	Path Traversal vulnerability in multiple products A flaw was found in the Libreoffice package. local low complexity libreoffice fedoraproject redhat CWE-22	5.5
2023-05-25	CVE-2023-2255	Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. network low complexity libreoffice debian	5.3
2022-10-11	CVE-2022-3140	Argument Injection or Modification vulnerability in multiple products LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. network low complexity libreoffice debian fedoraproject CWE-88	6.3
2021-01-07	CVE-2018-18688	Improper Verification of Cryptographic Signature vulnerability in multiple products The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. network low complexity code-industry foxitsoftware gonitro iskysoft libreoffice nuance qoppa soft-xpansion CWE-347	5.3
2020-06-08	CVE-2020-12803	Improper Input Validation vulnerability in multiple products ODF documents can contain forms to be filled out by the user. network low complexity libreoffice opensuse fedoraproject CWE-20	6.5
2020-06-08	CVE-2020-12802	LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. network low complexity libreoffice fedoraproject opensuse	5.3
2020-05-18	CVE-2020-12801	Cleartext Storage of Sensitive Information vulnerability in multiple products If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. network low complexity libreoffice opensuse CWE-312	5.3
2019-12-20	CVE-2012-5639	Exposure of Resource to Wrong Sphere vulnerability in multiple products LibreOffice and OpenOffice automatically open embedded content network low complexity libreoffice debian apache CWE-668	6.5
2019-07-17	CVE-2019-9849	LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. network low complexity libreoffice canonical fedoraproject debian opensuse	4.3
2012-06-17	CVE-2012-0037	XXE vulnerability in multiple products Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. network low complexity librdf libreoffice apache fedoraproject redhat debian CWE-611	6.5