CVE-2024-3044

MEDIUM Year: 2024
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-356
View all →

Vulnerability Description

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted.

Related Vulnerabilities

CVE-2018-10595

MEDIUM
CVSS:6.3(Medium)

A vulnerability in ReadA version 1.1.0.2 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) t...

CWE-3562018

CVE-2025-31334

MEDIUM
CVSS:6.8(Medium)

Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link...

CWE-3562025

CVE-2024-2609

MEDIUM
CVSS:6.1(Medium)

The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR <...

CWE-3562024

CVE-2018-10593

MEDIUM
CVSS:5.6(Medium)

A vulnerability in DB Manager version 3.0.1.0 and previous and PerformA version 3.0.0.0 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, ...

CWE-3562018

CVE-2019-13322

HIGH
CVSS:7.5(High)

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser Prior to 10.4.0. User interaction is required to exploit this vulnerability in that t...

CWE-3562019