libreoffice (SUSE:Linux Enterprise Software Development Kit 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 12 SP5 package libreoffice, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2022-26307 — CVSS 8.8 (high): LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are…
CVE-2023-6186 — CVSS 8.3 (high): Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without…
CVE-2023-6185 — CVSS 8.3 (high): Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute…
CVE-2023-0950 — CVSS 7.8 (high): Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to…
CVE-2019-9853 — CVSS 7.8 (high): LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically…
CVE-2022-26305 — CVSS 7.5 (high): An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was…
CVE-2021-25636 — CVSS 7.5 (high): LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the…
CVE-2020-12803 — CVSS 6.5 (medium): ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for…
CVE-2024-3044 — CVSS 6.5 (medium): Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which…
CVE-2022-3140 — CVSS 6.3 (medium): LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme…
CVE-2023-2255 — CVSS 5.3 (medium): Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would…
CVE-2020-12802 — CVSS 5.3 (medium): LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This…
CVE-2020-12801 — CVSS 5.3 (medium): If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore…
CVE-2023-1183 — CVSS 5.0 (medium): A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where…
CVE-2014-3566 — CVSS 3.4 (low): The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for…