CVE-2018-16858

CRITICAL Year: 2018
CVSS v3 Score
9.8
Critical
CVSS v2 Score
7.5
High
Weakness Type
CWE-356
View all →

Vulnerability Description

It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.

Related Vulnerabilities

CVE-2019-6736

HIGH
CVSS:8.8(High)

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User interaction is required to exploit this vulnerability in that t...

CWE-3562019

CVE-2019-6737

HIGH
CVSS:8.8(High)

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User interaction is required to exploit this vulnerability in that t...

CWE-3562019

CVE-2019-6738

HIGH
CVSS:8.8(High)

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User interaction is required to exploit this vulnerability in that t...

CWE-3562019

CVE-2022-39362

HIGH
CVSS:8.8(High)

Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9, unsaved SQL queries are auto-executed, which could pose a possible attack...

CWE-3562022

CVE-2019-6736

HIGH
CVSS:8.8(High)

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User interaction is required to exploit this vulnerability in that t...

CWE-3562019

CVE-2019-6737

HIGH
CVSS:8.8(High)

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User interaction is required to exploit this vulnerability in that t...

CWE-3562019