libreoffice (SUSE:Linux Enterprise Software Development Kit 12 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 12 SP3 package libreoffice, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (14)
CVE-2018-6871 — CVSS 9.8 (critical): LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which…
CVE-2016-10327 — CVSS 9.8 (critical): LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF…
CVE-2017-7870 — CVSS 9.8 (critical): LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert…
CVE-2017-7882 — CVSS 9.8 (critical): LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx.
CVE-2017-8358 — CVSS 9.8 (critical): LibreOffice before 2017-03-17 has an out-of-bounds write caused by a heap-based buffer overflow related to the ReadJPEG function in…
CVE-2017-9432 — CVSS 9.8 (critical): Document Liberation Project libstaroffice before 2017-04-07 has an out-of-bounds write caused by a stack-based buffer overflow related to…
CVE-2017-9433 — CVSS 9.8 (critical): Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the…
CVE-2018-10120 — CVSS 7.8 (high): The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not…
CVE-2018-10119 — CVSS 7.8 (high): sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm…
CVE-2018-16858 — CVSS 7.8 (high): It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute…
CVE-2015-8947 — CVSS 7.6 (high): hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly…
CVE-2016-2052 — CVSS 7.6 (high): Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a…
CVE-2018-10583 — CVSS 7.5 (high): An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate…
CVE-2018-1055: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-6871. Reason: This candidate is a reservation duplicate of…