Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-30188 | 1 Onlyoffice | 1 Document Server | 2023-08-21 | N/A | 7.5 HIGH |
| Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file. | |||||
| CVE-2022-48422 | 2 Linux, Onlyoffice | 2 Linux Kernel, Document Server | 2023-08-08 | N/A | 7.8 HIGH |
| ONLYOFFICE Docs through 7.3 on certain Linux distributions allows local users to gain privileges via a Trojan horse libgcc_s.so.1 in the current working directory, which may be any directory in which an ONLYOFFICE document is located. | |||||
| CVE-2021-25829 | 1 Onlyoffice | 1 Document Server | 2021-03-05 | 7.8 HIGH | 7.5 HIGH |
| An improper binary stream data handling issue was found in the [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. Using this bug, an attacker is able to produce a denial of service attack that can eventually shut down the target server. | |||||