onlyoffice document_server CVE Vulnerabilities (22)

CVEs: 22 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting onlyoffice document_server (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 2122 of 22 CVEs
«« First « Prev Page 2 / 2 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2020-11535 An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit XML injection to enter an attacker-controlled parameter into the x2t binary, to rewrite this binary and/or libxcb.so.1, and execute code on a victim's server. [email protected] 9.8 2.32% 2020-04-15 2026-06-16
CVE-2020-11534 An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit the NSFileDownloader function to pass parameters to a binary (such as curl or wget) and remotely execute code on a victim's server. [email protected] 9.8 2.24% 2020-04-15 2026-06-16
«« First « Prev Page 2 / 2 Next »
cvelogic Threat Intelligence