Vulnerabilities > Onlyoffice > Document Server > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-14 | CVE-2023-30187 | Out-of-bounds Write vulnerability in Onlyoffice Document Server An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. | 9.8 |
| 2023-08-14 | CVE-2023-30186 | Use After Free vulnerability in Onlyoffice Document Server A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. | 9.8 |
| 2022-06-02 | CVE-2022-29777 | Out-of-bounds Write vulnerability in Onlyoffice Core and Document Server Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a heap overflow via the component DesktopEditor/fontengine/fontconverter/FontFileBase.h. | 9.8 |
| 2022-06-02 | CVE-2022-29776 | Out-of-bounds Write vulnerability in Onlyoffice Core and Document Server Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a stack overflow via the component DesktopEditor/common/File.cpp. | 9.8 |