Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

LibreOffice — Vulnerabilities & Security Advisories 37

All 37 CVE vulnerabilities found in LibreOffice, with AI-generated Chinese analysis, references, and POCs.

Vendor: [UNKNOWN]

CVE IDTitleCVSSSeverityPaused
CVE-2025-14714 TCC Bypass via Inherited Permissions in Bundled Interpreter CWE-288 9.8AICriticalAI2025-12-15
CVE-2025-2866 PDF signature forgery with adbe.pkcs7.sha1 SubFilter CWE-347 6.5 -2025-04-27
CVE-2021-25635 Content Manipulation with Certificate Validation Attack CWE-295 7.5 -2025-03-21
CVE-2025-1080 Macro URL arbitrary script execution CWE-20 8.8 -2025-03-04
CVE-2025-0514 Executable hyperlink Windows path targets executed unconditionally on activation CWE-20 6.5 -2025-02-25
CVE-2024-12426 URL fetching can be used to exfiltrate arbitrary INI file values and environment variables CWE-200 6.5 -2025-01-07
CVE-2024-12425 Path traversal leading to arbitrary .ttf file write CWE-22 6.2 -2025-01-07
CVE-2024-7788 Signatures in "repair mode" should not be trusted CWE-347 7.8 High2024-09-17
CVE-2024-6472 Ability to trust not validated macro signatures removed in high security mode CWE-295 7.8 High2024-08-05
CVE-2024-5261 TLS certificate are not properly verified when utilizing LibreOfficeKit CWE-295 9.1AICriticalAI2024-06-25
CVE-2024-3044 Graphic on-click binding allows unchecked script execution CWE-356 7.1 -2024-05-14
CVE-2023-6186 Link targets allow arbitrary script execution 8.3 High2023-12-11
CVE-2023-6185 Improper input validation enabling arbitrary Gstreamer pipeline injection 8.3 High2023-12-11
CVE-2023-1183 Arbitrary file write CWE-20 5.0 Medium2023-07-10
CVE-2023-0950 Array Index UnderFlow in Calc Formula Parsing CWE-129 8.8 -2023-05-25
CVE-2023-2255 Remote documents loaded without prompt via IFrame CWE-264 5.3 -2023-05-25
CVE-2022-3140 Macro URL arbitrary script execution CWE-20 7.6 -2022-10-11
CVE-2022-26306 Execution of Untrusted Macros Due to Improper Certificate Validation CWE-326 9.1 -2022-07-25
CVE-2022-26307 Weak Master Keys CWE-326 8.8 -2022-07-25
CVE-2022-26305 Execution of Untrusted Macros Due to Improper Certificate Validation CWE-295 7.5 -2022-07-25
CVE-2021-25636 Incorrect trust validation of signature with ambiguous KeyInfo children CWE-347 7.5 -2022-02-22
CVE-2021-25634 Timestamp Manipulation with Signature Wrapping CWE-295 7.5 -2021-10-12
CVE-2021-25633 Content Manipulation with Double Certificate Attack CWE-295 7.5 -2021-10-11
CVE-2021-25631 denylist of executable filename extensions possible to bypass under windows CWE-184 8.8 -2021-05-03
CVE-2020-12803 XForms submissions could overwrite local files 6.5 -2020-06-08
CVE-2020-12802 remote graphics contained in docx format retrieved in 'stealth mode' CWE-200 5.3 -2020-06-08
CVE-2020-12801 Crash-recovered MSOffice encrypted documents defaulted to not to using encryption on next save CWE-311 8.2 -2020-05-18
CVE-2019-9853 Insufficient URL decoding flaw in categorizing macro location CWE-116 7.8 -2019-09-27
CVE-2019-9855 Windows 8.3 path equivalence handling flaw allows LibreLogo script execution 9.8 -2019-09-06
CVE-2019-9854 Unsafe URL assembly flaw in allowed script location check 7.8 -2019-09-06

All 37 known CVE vulnerabilities affecting LibreOffice with full Chinese analysis, references, and POCs where available.