*Title:* CVE-2024-5261: TLS certificate are not properly verified when utilizing LibreOfficeKit *Announced:* Jun 25, 2024 *Fixed in:* LibreOffice 24.2.4 *Description:* LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++....
Read more about "CVE-2024-5261"...*Title:* CVE-2024-6472: Ability to trust not validated macro signatures removed in high security mode *Announced:* Aug 05, 2024 *Fixed in:* LibreOffice 24.2.5 *Description:* Signed macros are scripts that have been...
Read more about "CVE-2024-6472"...*Title:* CVE-2024-7788: Signatures in "repair mode" should not be trusted *Announced:* Sep 17, 2024 *Fixed in:* LibreOffice 24.2.5 and 24.8.0 *Description:* Various file formats are based on the zip file...
Read more about "CVE-2024-7788"...*Title:* CVE-2024-12425: Path traversal leading to arbitrary .ttf file write *Announced:* Jan 7, 2025 *Fixed in:* LibreOffice 24.8.4 *Description:* Various file formats can contain embedded font files which are extracted...
Read more about "CVE-2024-12425"...*Title:* CVE-2024-12426: URL fetching can be used to exfiltrate arbitrary INI file values and environment variables *Announced:* Jan 7, 2025 *Fixed in:* LibreOffice 24.8.4 *Description:* URLs could be constructed which...
Read more about "CVE-2024-12426"...*Title:* Executable hyperlink Windows path targets executed unconditionally on activation *Announced:* February 25, 2025 *Fixed in:* LibreOffice 24.8.5 *Description*: LibreOffice has a feature where hyperlinks in a document can be...
Read more about "CVE-2025-0514"...*Title:* Macro URL arbitrary script execution *Announced:* March 4, 2025 *Fixed in:* LibreOffice 24.8.5 and 25.2.1 *Description*: LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS...
Read more about "CVE-2025-1080"...*Title:* PDF signature forgery with adbe.pkcs7.sha1 SubFilter *Announced:* Apr 27, 2025 *Fixed in:* LibreOffice 24.8.6 and 25.2.2 *Description*: LibreOffice supports digital signatures when opening PDF documents, presenting information if the...
Read more about "CVE-2025-2866"...The LibreOffice Viewer for Android does not collect any personal information nor any other user data. Administrativa The controller for the purpose of the EU GDPR (General Data...
Read more about "LibreOffice Viewer – Privacy Policy"...*Title:* TCC Bypass via Inherited Permissions in Bundled Interpreter *Announced:* Dec 15, 2025 *Fixed in:* LibreOffice 25.2.4 *Description*: LibreOffice typically bundles python to provide scripting support On macOS, an Authentication Bypass...
Read more about "CVE-2025-14714"...Page 16 of 116
Follow Us