Filtered by vendor Onlyoffice
Subscribe
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-50883 | 1 Onlyoffice | 1 Document Server | 2024-09-20 | N/A | 6.1 MEDIUM |
| ONLYOFFICE Docs before 8.0.1 allows XSS because a macro is an immediately-invoked function expression (IIFE), and therefore a sandbox escape is possible by directly calling the constructor of the Function object. NOTE: this issue exists because of an incorrect fix for CVE-2021-43446. | |||||
| CVE-2023-30188 | 1 Onlyoffice | 1 Document Server | 2024-02-28 | N/A | 7.5 HIGH |
| Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file. | |||||
| CVE-2023-30187 | 1 Onlyoffice | 1 Document Server | 2024-02-28 | N/A | 9.8 CRITICAL |
| An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. | |||||
| CVE-2023-30186 | 1 Onlyoffice | 1 Document Server | 2024-02-28 | N/A | 9.8 CRITICAL |
| A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. | |||||
| CVE-2022-48422 | 2 Linux, Onlyoffice | 2 Linux Kernel, Document Server | 2024-02-28 | N/A | 7.8 HIGH |
| ONLYOFFICE Docs through 7.3 on certain Linux distributions allows local users to gain privileges via a Trojan horse libgcc_s.so.1 in the current working directory, which may be any directory in which an ONLYOFFICE document is located. | |||||
| CVE-2023-34939 | 1 Onlyoffice | 1 Onlyoffice | 2024-02-28 | N/A | 9.8 CRITICAL |
| Onlyoffice Community Server before v12.5.2 was discovered to contain a remote code execution (RCE) vulnerability via the component UploadProgress.ashx. | |||||
| CVE-2021-43448 | 1 Onlyoffice | 1 Server | 2024-02-28 | N/A | 5.3 MEDIUM |
| ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Improper Input Validation. A lack of input validation can allow an attacker to spoof the names of users who interact with a document, if the document id is known. | |||||
| CVE-2021-43444 | 1 Onlyoffice | 1 Server | 2024-02-28 | N/A | 7.5 HIGH |
| ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL signing key. | |||||
| CVE-2022-47412 | 1 Onlyoffice | 1 Workspace | 2024-02-28 | N/A | 5.4 MEDIUM |
| Given a malicious document provided by an attacker, the ONLYOFFICE Workspace DMS is vulnerable to a stored (persistent, or "Type II") cross-site scripting (XSS) condition. | |||||
| CVE-2021-43449 | 1 Onlyoffice | 1 Server | 2024-02-28 | N/A | 8.1 HIGH |
| ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery (SSRF). The document editor service can be abused to read and serve arbitrary URLs as a document. | |||||
| CVE-2021-43447 | 1 Onlyoffice | 1 Server | 2024-02-28 | N/A | 7.5 HIGH |
| ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An authentication bypass in the document editor allows attackers to edit documents without authentication. | |||||
| CVE-2021-43445 | 1 Onlyoffice | 1 Server | 2024-02-28 | N/A | 9.8 CRITICAL |
| ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An attacker can authenticate with the web socket service of the ONLYOFFICE document editor which is protected by JWT auth by using a default JWT signing key. | |||||
| CVE-2021-43446 | 1 Onlyoffice | 1 Server | 2024-02-28 | N/A | 6.1 MEDIUM |
| ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Cross Site Scripting (XSS). The "macros" feature of the document editor allows malicious cross site scripting payloads to be used. | |||||
| CVE-2022-29777 | 1 Onlyoffice | 2 Core, Document Server | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a heap overflow via the component DesktopEditor/fontengine/fontconverter/FontFileBase.h. | |||||
| CVE-2022-29776 | 1 Onlyoffice | 2 Core, Document Server | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a stack overflow via the component DesktopEditor/common/File.cpp. | |||||
| CVE-2022-24229 | 1 Onlyoffice | 1 Document Server | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in ONLYOFFICE Document Server Example before v7.0.0 allows remote attackers inject arbitrary HTML or JavaScript through /example/editor. | |||||
| CVE-2021-40864 | 1 Onlyoffice | 1 Google Translate | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| The Translate plugin 6.1.x through 6.3.x before 6.3.0.72 for ONLYOFFICE Document Server lacks escape calls for the msg.data and text fields. | |||||
| CVE-2021-25832 | 1 Onlyoffice | 1 Document Server | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| A heap buffer overflow vulnerability inside of BMP image processing was found at [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remote code executions on DocumentServer. | |||||
| CVE-2021-25831 | 1 Onlyoffice | 1 Document Server | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using the chain of two other bugs related to improper string handling, a remote attacker can obtain remote code execution on DocumentServer. | |||||
| CVE-2021-25829 | 1 Onlyoffice | 1 Document Server | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| An improper binary stream data handling issue was found in the [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. Using this bug, an attacker is able to produce a denial of service attack that can eventually shut down the target server. | |||||