LibreOffice Impress Templates

The LibreOffice Impress Templates project aims to provide a collection of well-designed, freely-licensed, usable templates for LibreOffice Impress. You can search below through all of the templates by name (try focus), tag (try blue, dark, or pencil), or collection (try material).


Create Your First Presentation Using LibreOffice Impress


Beginner’s guide on how to create a simple presentation in LibreOffice Impress.

LibreOffice Impress is a free and open-source presentation program for Linux, Windows and Mac. It comes with lots of features and compatibility with Microsoft PowerPoint as well.

Here is a basic guide for creating a simple presentation using Impress.


Create Your First Presentation

  • Open LibreOffice Impress.
  • If the template dialog opens, select a template you want. Otherwise, click Close.
  • You will be presented with the first slide with a default design – A title and content.
  • Modify your presentation slide as per your choice using the toolbar options, e.g. Changing font colour, background colour, adding text etc.
  • From the File menu, click Save As … Choose any file type you want. You can also choose the Microsoft PowerPoint file type *.ppt or *.pptx. You can also refer to the list of file formats supported on this page.
  • Save the file.

Template selection in LibreOffice Impress

Present and View Your Impress Presentation

  • If you want to present the Impress presentation, double-click on the saved file and open it via Impress.
  • To start the slide show, press F5 or click SlideShow > Start from First Slide from the menu.
  • If you want to start the presentation from any slide, go to the slide in Impress and press SHIFT+F5.

Slide show options

If you are a beginner in LibreOffice Impress, this tutorial may get you started with your first presentation. Drop a comment below if you are facing difficulties with your Impress presentation.


Creator of libreofficehelp.com. The aim is to help as many people as possible with easy-to-understand tutorials. Connect with me via Telegram , Twitter , LinkedIn , or send us an email .


Alfie Brown

LibreOffice Impress Slide show

It is Useless without LibreOffice installed. Runs only from the Edit page toolbar menu, can not run it independently from a file.

I am trying to build a Family History Tree – Interactive Slide show. I have it built, and saved as an .odp file. But when I try to run the Show file, it opens up in Impress in Edit mode. How do I get it to run as a Stand-alone slide show? From the Slide-Show.odp file without LibreOffice Impress being installed? I need to email the file to my family members, or anyone who does not have it installed. None can run the slide show from the file as it is. I can save it as Windows .pptx file, but interactivity is trashed, links do not work.

Creation problems:

Another shortcoming is inability to insert multipage Document.odt files into a slide. The floating frame is postal stamp size that can not be resized, and Insert text works only for few lines of text that fits into the slide.

Working with any objects on the slide, from background to text boxes, lines or pictures is near impossible, everything can slide every which way taking the rest with it. Some Horizontal lines just would not go horizontal, only on the slant. Other lines would only snap onto invisible grid lines that can not be deactivated. There is no option to fix any slide objects into place, unless you want to specifically move them. Spent more time fixing the layout instead of concentrating on the creation instead.

Abcd

What are the three options displayed at bottom of Insert picture dialog box?

arindam

Which dialog box?

Tina Machado

I want to create a custom slide show with specific slides for my music. I am having trouble with the music. I am sure you can fix this. We are in a crazy world of slide shows. 😉


Presentations done right

In Impress, creating and editing slides is very versatile thanks to different editing and view modes: Normal (for general editing), Outline (for organizing and outlining your text content), Notes (for viewing and editing the notes attached to a slide), Handout (for producing paper-based material), and Slide Sorter (for a thumbnail sheet view that lets you quickly locate and order your slides).

Rich content for outstanding presentations

Impress has a comprehensive range of easy-to-use drawing and diagramming tools to add style and sophistication to your presentation. What's more, you can bring your presentation to life with slide show animations and effects. The Fontworks tool lets you create attractive 2D and 3D images from text. Impress enables you to build and control 3D scenes incorporating a large variety of objects and components.

Stay in control - Master your performance

When the time comes to present your work, a powerful Slide Show mode gives you total command over how your slides are displayed and sequenced, so that you can focus on addressing your audience (which slides get shown; manual or timed slide transition; pointer visible or invisible; navigator visible/invisible; and much more).

Impress supports multiple monitors, and its bundled Presenter Console extension gives you even more control over your slide show, such as the ability to see the upcoming slide, view your slide notes, and control the presentation timer while the audience is looking at the current slide.

A touch of creativity

Take your presentations to the next level and save even more time by downloading templates from the LibreOffice template repository.


Impressum (Legal Info) | Datenschutzerklärung (Privacy Policy) | Statutes (non-binding English translation) - Satzung (binding German version) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License . This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License v2.0 . “LibreOffice” and “The Document Foundation” are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy . LibreOffice was based on OpenOffice.org.


LibreOffice Impress: Templates and Master Pages


Version 4.4

What is a Template?

The terms Template and Master Pages refer to the same thing, but inside the Impress application they are referred to as Master Pages, and they are accessed on the right-hand side of the page. If you as the author do not choose a specific Template to use when creating a new presentation, Impress will base the presentation on the default Template that is built in to Impress. But you can create your own default Template if you like.

First, open up a blank presentation, and make the changes you want. For instance, if you work in a large organization they may well have standards that say that you should use a certain logo, or even a complete slide background. They may specify text colors and fonts, and so on. Templates are a way to contain all of these settings, Styles, and other specifications. If you know you will use the same setup over and over, it may make sense to create a Default Template so all of these settings automatically are applied every time you begin a new Presentation. When your Template has everything you want, save it as a Template by following the instructions below for Saving Templates. Then, to make it the default, go to File–>Templates–>Manage, which will open up a similar window. Go to My Templates, click on the Template you just created, and then click the Set as Default button to make it the new Default Template.

Like in Writer, the Master Pages in Impress can contain their own styles, which is very useful. For example, the design of the slides may make it desirable that text be a certain color within the Master Page, and having it contain its own styles helps with this.

Finding Templates Online

In our last tutorial we saw how you can create a presentation that focuses on content by creating a black-and-white presentation. But once you have got your content into shape you will probably want to add some eye appeal to spice up the Presentation. Fortunately there are many available on the Internet:

  • http://templates.libreoffice.org/template-center?getCategories=Presentation&getCompatibility=any
  • http://www.presentationmagazine.com/free-open-office-impress-templates-91.htm
  • http://technology.chtsai.org/impress/
  • http://www.free-power-point-templates.com/articles/free-openoffice-and-libreoffice-templates-for-impress/

There are plenty more out there, just do a search for “Impress Templates” or “Impress Backgrounds” in the search engine of your choice and you will find many. I like to find ones I can use and add them to my collection.

Adding Templates

Generally there are two ways you add Templates in any LibreOffice application, and we discussed this previously in regard to Calc Templates (see LibreOffice Calc: The Object Model and Using Templates). Since that covered the topic in some detail I won’t repeat all of it here, but I will give a brief explanation of what is involved.

In general, Templates are either packaged as stand-alone Template files or as Extensions. For Extensions, go to Tools–>Extension Manager, and click Add. For stand-alone Template files, open the Template Manager by going to File–>New–>Templates, open your My Templates folder if it is not already opened, then look for the Import button. This opens a standard file manager window. Go to where your downloaded Template file is, select it, and click “Open”. Note that a Template should be a file with the extension *.otp, but I have seen many cases where files were distributed as *.odp files instead. Strictly, *.otp is the extension for Templates, but as we discussed previously Templates, Master Pages, and slide Backgrounds are often lumped together in people’s minds as Templates. Since you will encounter this, let’s discuss how to handle these different cases.

  • Real Templates – Add as above by going to File–>New–>Templates and using the Import button.
  • Presentations with backgrounds added – These are *.odp files, the file format for presentations. For these see the next section on how to deal with a bug.

Saving Templates

There is a very odd bug in Impress that might bite you in trying to save a Template. The problem is that the My Templates folder for Impress does not appear at all in the Template Manager, which makes it very difficult to save a Template, as you might imagine. This is not the case for every version, as far as I can tell, so if you don’t run into it all the better. There is a kludgy workaround:

  • Go to File > Save As Template on the main menu bar to open the Template Manager dialog. By default the Template Manager opens at the Documents page.
  • Double click on the MediaWiki folder to select it and activate the Save icon, then click the Save icon.
  • Specify the template name in the pop-up dialog and click Accept. The template is saved into the MediaWiki folder. This appears in the MediaWiki folder on the dialog page of the file type being saved, which is Presentations.
  • Close the Template Manager dialog.
  • Go to File > New > Templates on the main menu bar to open the Template Manager dialog again. Note: Closing and opening the Template Manager is necessary so that the following steps can be carried out to move your template into the My Templates folder.
  • Select the Presentations tab to open the dialog page for presentations (Figure 32).
  • Double-click the MediaWiki folder to open it.
  • Select the template you have just added and the file handling controls are displayed.
  • Click the Move to folder icon and select My Templates from the drop list that appears. Your template will be moved from the MediaWiki folder to the My Templates folder.

This is not a good thing, and I have filed a bug on it. Perhaps by the time you read this it will be fixed, but at least if you run into it you know what to do. (Thanks to Brian Barker from the LibreOffice Users list for the solution.)

Once you have succeeded in saving a Template to your My Templates folder in Impress, it will appear on the right when you select Master Pages, and you can use the slide background and graphics in other presentations even if you did not start out to base your presentation on the saved Template.

Applying Master Pages

When you select Master Pages in the Sidebar, you will see the ones available to you right next to the Sidebar. At the start, these will be the ones that come with LibreOffice out-of-the-box, but as we saw above you can add to your selection by saving Templates, including ones you downloaded from online sites. Click on the one you want, and it will be applied to your presentation. If you later want to change the one used (and that can be often) you might find that selecting a different one only applies to a slide you have selected. The easiest way to fix that is to go to Slide Sorter, press Ctrl+A to select all, then click on the Master Page you want to use. This will apply the Master to all of the Presentation.

Note also that you do not need to use only one Master for one Presentation. But use some common sense. In a large Presentation with two major sections, it might make sense to give each section its own Master, but don’t go overboard. Remember that you want the attention to be on you, not on your slides.

Creating Your own Master Pages

Go to View–>Master–>Slide Master to bring up the Master view. When you do, you should see a small floating toolbar called Master View.

Master View toolbar

The first button on the left with the Plus sign lets you create a new Master Page, but you may not need to do anything because when you open the Master View it usually gives you a brand new Master to work with. You have a number of options here, including text options. Here is a screenshot of my workspace showing the Styles and Formatting window docked to the left of the Workspace.

Workspace with Styles and Formatting window docked and open

What this is telling you is that many of the elements of the Master Page can be controlled by Styles. For the sake of not having a very long tutorial I am going to put a discussion of Styles off in detail until the next tutorial. Then I will bring the pieces together to create a Template with a Master Page and a group of Styles.

Listen to the audio version of this post on Hacker Public Radio!

Kevin O'Brien photo


Freely-licensed LibreOffice Impress templates

dohliam/libreoffice-impress-templates


LibreOffice Impress Templates


It is surprisingly difficult to find well-designed presentation templates for LibreOffice Impress under a free license.

LibreOffice comes pre-installed with a handful of barebones templates that are not terribly useful.

Many people online have asked about where to find more and better templates, and they are usually directed to the LibreOffice Templates website. There are surprisingly few usable templates there -- many are abandoned, not actually available for download, lacking any license information, and so on -- but those that can be downloaded and used are often not what one might expect to see in a modern presentation.

Further searching will turn up various odds-and-ends that have cropped up over the years -- a download here, a website there -- as well as more unlicensed or non-free templates and even suggestions to just use .ppt files from MS Office.

Most amazing of all is the lack of packages containing additional templates for most distros.

For example, the libreoffice-templates package (description: "Additional set of templates for LibreOffice") that is available in Ubuntu, only contains the 8 default templates that come with LibreOffice itself. Installing this package thus has no effect on the templates available to the user in Impress, and no other template packages appear to be available.

This project aims to improve this situation.

To provide a collection of well-designed, freely-licensed, usable templates for LibreOffice Impress.

To eventually build packages for as many distros as possible so that people can install extra templates easily through their package manager. These should work without any additional intervention on the part of the user -- if you install a templates package, you should just need to open Impress and go to the templates gallery to see all the templates you have just installed, ready for use.

To provide a central place for a curated, maintained collection of high-quality, working Impress templates designed by the community.

Screenshots

You can now live search through all the templates using tags. Try it out on the template homepage.

There is also a full gallery of screenshots for all the templates included in this project on the screenshots page.

A collection of open-licensed templates from the Apache OpenOffice Templates collection.

chtsai-impress

A collection of 16 templates originally made between 2005-2009 for OOo Impress by Chih-Hao Tsai. It includes several templates suitable for widescreens.

These are licensed CC-BY-SA (see included license file).

The templates included in chtsai-impress are:

  • cinemascope.otp
  • kaohsiung.otp
  • panavision.otp
  • tokyo-midtown-1.otp
  • tokyo-midtown-2.otp
  • tokyo-midtown-3.otp
  • widescreen-tv.otp
  • widescreen.otp


For a full gallery of template screenshots in this package, see the screenshots page.

fedora-slideshow

A series of 18 templates based on designs by members of the Fedora Project community.

These include 3 templates (fedora-patterns-clover, fedora-textures-grey-blue, and fedora-clean-grey) from an open call to design a slide deck template for general Fedora presentations.

It also includes two templates (fedora-patterns-wings and fedora-server-theme) by William J Morenor.

The remainder of the templates are based on designs from the Fedora Project Wiki.

All of the templates have had the original Fedora branding removed to make them suitable for generic use, and have been renamed with more descriptive titles (e.g., fedora-clean-blue-white rather than Presentations_l10nDev).

These templates are released under a CC-BY-SA license, with the exception of several which are CC-BY. For full license and attribution information, please see the README in the fedora-slideshow directory, and the metadata (meta.xml) included with each file.

The templates included in fedora-slideshow are:

  • fedora-bubbles
  • fedora-clean-blue-white
  • fedora-clean-grey
  • fedora-floral-green
  • fedora-gradients-dark
  • fedora-gradients-light
  • fedora-gradients-medium
  • fedora-mirrormanager
  • fedora-odometer
  • fedora-patterns-clover
  • fedora-patterns-wings
  • fedora-photography
  • fedora-server-theme
  • fedora-solar-splash
  • fedora-sunlight-bubbles
  • fedora-textures-blue
  • fedora-textures-grey-blue
  • fedora-textures-wings


For a full list of template screenshots in this package, see the screenshots page.

kde-files-org

A collection of 18 templates from members of the community at kde-files.org.

These have been released under a variety of different licenses (GPL, LGPL, CC-BY, CC-BY-NC, Public Domain). See the README in the kde-files-org folder for attribution and license details.

The templates included in kde-files-org are:

  • autumn-flowers
  • braids-gradient-blue
  • letterpress
  • red-flowers
  • soft-background-brown
  • soft-background-brown-murky-emboss
  • soft-background-burgandy
  • soft-background-green
  • soft-background-green-emboss
  • soft-background-sky
  • traeth-glas


A collection of open-licensed templates from The Document Foundation Design Team's Call for Templates for LibreOffice.

lo35-templates

A series of 25 presentation template layouts provided in version 3.5 of LibreOffice. They were located in the /usr/lib/libreoffice/share/template/common/layout/ directory. They no longer appear to be available in recent versions of LibreOffice, having been replaced by ten much less useful templates (AbstractGreen.otp, AbstractRed.otp, AbstractYellow.otp, BrightBlue.otp, DNA.otp, Inspiration.otp, LushGreen.otp, Metropolis.otp, Sunset.otp, Vintage.otp).

The templates included in lo35-templates are:

  • lyt-aqua.otp
  • lyt-blackandwhite.otp
  • lyt-bluegrey.otp
  • lyt-bluelinesgrad.otp
  • lyt-bluetitledown.otp
  • lyt-book.otp
  • lyt-brown.otp
  • lyt-charglow.otp
  • lyt-forest.otp
  • lyt-frepa.otp
  • lyt-glacier.otp
  • lyt-greengradlines.otp
  • lyt-keyboard.otp
  • lyt-movwaves.otp
  • lyt-numdark.otp
  • lyt-ocean.otp
  • lyt-organic.otp
  • lyt-paper.otp
  • lyt-rededges.otp
  • lyt-roundedrect.otp
  • lyt-sunrise.otp
  • lyt-techpoly.otp
  • lyt-tunnel.otp
  • lyt-water.otp
  • lyt-wine.otp

Most of the templates were created by Ilko Hoepping, with others by Volker Ahrendt. These appear to be licensed under LGPLv3 along with the rest of LibreOffice v3.5.


lo4-design-candidates

A collection of 12 open-licensed templates from the LibreOffice Design Team's call for templates for inclusion in LibreOffice 4.4.

lo5-design-candidates

A collection of 23 open-licensed templates from the LibreOffice Design Team's call for templates for inclusion in LibreOffice 5.0.

lo51-templates

A group of presentation templates that were included with version 5 of LibreOffice.

modern-impress-templates

A series of 41 templates made many years ago for OOo and provided as an .oxt file. This seems to have been the first attempt to collect a series of freely-licensed, well-designed modern templates for LibreOffice in one place.

Unfortunately the oxt file no longer works, and installing the extension does not actually make any templates available in Impress. However, the .oxt file contains .otp files which can be extracted and opened directly in LibreOffice.

The larger problem with these original template files is that they no longer work with recent versions of Impress. Someone commented back in 2010 that the templates had stopped working with Impress, and got a response saying a fix would come soon, however they remained broken as of 2015. It is possible that they never worked properly, as the issue in most cases turned out to be incorrectly identified images in the manifest file (e.g. specifying a background image called background.png when the image file was actually called background.jpg). The .otp files have all been fixed one-by-one in this repo, so these very nice templates can now be used once again (if you still encounter any problems opening the files in LibreOffice, please let me know by opening an issue).
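The manifest mismatch described above can be detected before a template is opened in Impress. The following is an added example, not code from this repository: it compares the entries declared in META-INF/manifest.xml with the files actually present in the package, and also reports whether the package declares itself a template or a presentation (the *.otp versus *.odp distinction mentioned elsewhere on this page). The function names and the in-memory sample package are constructed for illustration.

```python
import io
import posixpath
import xml.etree.ElementTree as ET
import zipfile

# Namespace and media types defined by the OpenDocument format.
MANIFEST_NS = "urn:oasis:names:tc:opendocument:xmlns:manifest:1.0"
TEMPLATE_MIME = "application/vnd.oasis.opendocument.presentation-template"
PRESENTATION_MIME = "application/vnd.oasis.opendocument.presentation"
KINDS = {TEMPLATE_MIME: "template (.otp)", PRESENTATION_MIME: "presentation (.odp)"}


def _is_payload(path):
    """True for regular package files that the manifest is expected to list."""
    return (bool(path) and not path.endswith("/") and path != "mimetype"
            and not path.startswith("META-INF/"))


def check_package(data: bytes) -> dict:
    """Compare META-INF/manifest.xml with the files really in the archive."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        mimetype = ""
        if "mimetype" in names:
            mimetype = zf.read("mimetype").decode("ascii", "replace").strip()
        # For files from untrusted sites, a hardened XML parser is preferable.
        root = ET.fromstring(zf.read("META-INF/manifest.xml"))

    attr = f"{{{MANIFEST_NS}}}full-path"
    declared = {e.get(attr) for e in root.iter(f"{{{MANIFEST_NS}}}file-entry")}
    declared = {p for p in declared if _is_payload(p)}
    actual = {n for n in names if _is_payload(n)}

    missing = sorted(declared - actual)    # listed in manifest, not in archive
    unlisted = sorted(actual - declared)   # in archive, not listed in manifest

    # A declared file whose name differs from an unlisted file only by its
    # extension is the background.png / background.jpg case from the text.
    by_stem = {}
    for path in unlisted:
        by_stem.setdefault(posixpath.splitext(path)[0], []).append(path)
    renames = {m: by_stem[posixpath.splitext(m)[0]]
               for m in missing if posixpath.splitext(m)[0] in by_stem}

    return {
        "kind": KINDS.get(mimetype, "unknown"),
        "missing": missing,
        "unlisted": unlisted,
        "likely_renames": renames,
    }


def build_sample() -> bytes:
    """Constructed sample: manifest says background.png, archive has .jpg."""
    manifest = f"""<?xml version="1.0" encoding="UTF-8"?>
<manifest:manifest xmlns:manifest="{MANIFEST_NS}">
 <manifest:file-entry manifest:full-path="/" manifest:media-type="{TEMPLATE_MIME}"/>
 <manifest:file-entry manifest:full-path="content.xml" manifest:media-type="text/xml"/>
 <manifest:file-entry manifest:full-path="Pictures/background.png" manifest:media-type="image/png"/>
</manifest:manifest>"""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("mimetype", TEMPLATE_MIME)
        zf.writestr("META-INF/manifest.xml", manifest)
        zf.writestr("content.xml", "<placeholder/>")
        zf.writestr("Pictures/background.jpg", b"constructed image bytes")
    return buf.getvalue()


if __name__ == "__main__":
    report = check_package(build_sample())
    for key, value in report.items():
        print(f"{key}: {value}")
```

To check a downloaded file instead of the sample, pass its bytes: `check_package(open(path, "rb").read())`.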

The templates included in modern-impress-templates are:

  • another-poppy
  • blue-elegance
  • fields-of-peace
  • fresh-morning
  • glowing-rectangles
  • green-concentration
  • greenish-wallpaper
  • lightwave-in-motion
  • metal-motion
  • moebius-strip
  • motion-stripes
  • pixels-rock
  • eco-lightblue
  • suse-wallpaper
  • the-bait-nc
  • ubuntu-caramel-mocha
  • ubuntu-mocha


A collection of open-licensed templates from various places around the Web.

A collection of 35 templates based on designs from members of the community at spreadubuntu, including among others 30 templates by leogg of DifundeUbuntu Nicaragua.

Most of the K/X/Ubuntu branding has been removed, except in cases where it seems generic or otherwise not obvious (e.g. a giant faint gear or circle in the background).

All of the templates are licensed CC-BY-SA (for full attribution and license information, see the LICENSE file in the ubuntu-odp folder, or the individual metadata in each template's meta.xml file).

The templates included in ubuntu-odp are:

  • edubuntu-community
  • edubuntu-escalante
  • edubuntu-escondido
  • edubuntu-esquipulas
  • edubuntu-esteli
  • edubuntu-estero-real
  • kubuntu-community
  • kubuntu-karata
  • kubuntu-karawala
  • kubuntu-kde-powered
  • kubuntu-kilambe
  • kubuntu-kubali
  • kubuntu-kukra-hill
  • kubuntu-kurinwas
  • kubuntu-kurnog
  • ubuntu-community
  • ubuntu-curve-brown
  • ubuntu-dots-orange
  • ubuntu-gnome-powered
  • ubuntu-tallship-aubergine
  • ubuntu-ubaldo
  • ubuntu-ukapina
  • ubuntu-ulang
  • ubuntu-ulwaskin
  • ubuntu-umbra
  • ubuntu-world-map-brown
  • xubuntu-community
  • xubuntu-treeline-blue
  • xubuntu-xalapa
  • xubuntu-xalteva
  • xubuntu-xiloa
  • xubuntu-xilonem
  • xubuntu-xolotlan


user-contrib

Calling all designers! This is your chance to make a difference by making well-designed templates freely available so that non-designers don't have to (shudder) make their own. Any and all submissions are welcome in the user-contribs folder. It doesn't have to be the best presentation template you can make -- just the template you wish everyone else had used when you have to sit through a day or a week of presentations. Give the world the opportunity to not offend your design sensibilities by sharing better templates!

Details on the currently available templates in this collection can be found here .

The scripts folder contains the scripts used to build and unpack the .otp files. Binaries are purposely not stored in the repository in an effort to avoid using git for things it was not meant to do. Instead, they are made available for download in the releases section , while the repository itself contains the unpacked files inside each .otp template. The scripts allow these unpacked files to be compiled into collections of usable template binaries for download.

If you have ruby installed you can also use these to build the templates yourself from source. Just enter a directory containing template source files and execute the repack_otp.rb script.

For example, if you have cloned the repository and want to build the Modern Impress Templates collection, you can use the following commands from within the main repository directory:

You MUST change directory into a collection directory for the script to work.

This will create an .otp template file for each source folder in the directory.

You can also use the scripts to pack and unpack individual templates. Just add one or more template file or folder names after the main command, e.g.:

Head over to the releases section to download binaries containing the templates for use with LibreOffice Impress.

This collection currently includes 253 Impress templates that have been tested to work on recent versions of LibreOffice (4.2.8+).

There is now a .deb package available for Ubuntu and Debian-based systems that will install all the templates for immediate use in LibreOffice. See the releases section for the latest packages and the install guide in the wiki for help with installation.

Installation

Most of the individual templates can be used directly without installation by clicking on the .otp files (available in the release packages ).

To get the .otp file for a particular template, just download the corresponding template collection from the release section , unzip it and look in the otp folder for the file you want.

It is also possible to compile one or all of the templates manually from source, using the template packing script in the scripts folder.

Installation packages for specific operating systems are also available (see below for further details).


Ubuntu & Debian

There is now a .deb package available for Ubuntu and Debian-based systems that will install all the templates for immediate use in LibreOffice.

See the releases section for the latest packages and the install guide in the wiki for help with installation.

These templates have all been released under different (open) licenses, and are grouped together for convenience. They retain their original licenses in all cases. The repository itself (apart from the templates) is released under the MIT license.

See the readme files in each folder for an overview of the template licenses for each collection. Most of the templates also include detailed attribution and licensing details in the meta.xml file located in the template source folder.

Table of contents made with tocdown .


LibreOffice Templates


This site offers 434 free LibreOffice templates that you can customize and print. Available as .ODT or .ODS files for business or personal use, including templates for work, school, and personal use.

Here are the 10 most popular LibreOffice templates:

  • Changing Fields Resume
  • CV Gray Sidebar
  • Basic Invoice
  • Resume For Teens
  • Professional Resume Letter
  • Certificate of Appreciation
  • Monthly Bookkeeping Record
  • Professional CV Letter
  • Entry-Level Position Resume
  • Generic Business Card

Copyright © 2013-2024 by Savetz Publishing, Inc.

These free LibreOffice templates are easy to download and print. Each template is available in LibreOffice format: just download one, open it in LibreOffice, edit, and print.


Presentation Sapins et tilleuls

A nice presentation in shades of green with some animated shapes.

Presentation Framboise écrasée

A three part presentation with some animated shapes. It will be easy to adapt if necessary. 5 master slides.

Consulting Blue - IBM Plex Sans

A professional and clean presentation template featuring IBM Plex Sans font, ideal for consultants and business presentations.

Ambiance Halloween ou estivale

2 versions: autumn and summer for professional use.

Template LibreOffice Presentations MMA v1

Modern Magma Affirmation is a very nice and modern, yet simple Presentations Template for LibreOffice.

Présentation Grain de café

A presentation in 2 versions, easy to use and customize.

Chocolat & variantes

A presentation in 3 parts that shows the progress of the presentation.

Blank Comic Book - Free printable comic strip template

Impress template for Comic Books

Émeraude et mimosa (présentation)

Presentation with 3 master slides. Explanations included in the template in French and in English. Feel free to translate it.

Love OpenSource

Do you have your first conference talk? Want to improve your presentation skills? This template has useful tips for you and some minimalistic designs that show you Love OpenSource.

Modern template

Modern template for LibreOffice Impress


Impress Modèle de présentation Bleus et gris

Presentation in four parts. Easily customizable. Feel free to translate it.

Impress Modèle de présentation Fée bleue

Presentation in three parts. Easily customizable. Feel free to translate it.

Présentation Titre bi-partie filet gris

Two master pages: title and content.

Présentation Barres bleues

Four master slides: Title, Summary and thanks, Chapter, and Content.

Présentation filets verts

Tokyo Style Template

Inspired by the landscape in Tokyo.

Marseille City Light

A simple and luminous template based on blue, white and grey.

Template Business Design 2

Template Business Design


Template Impress Grid

Traeth Glas

Blue & yellow presentation template

University Presentation

Template for preparing course material or dissertations for universities.

A template for history classes

White Template

Postage stamp

Stamp-like slide template for digital photos with standard 4:3 aspect ratio

Presento template for LibreOffice Impress

Profesional Impress Template

A template for Impress with two main slides. Each has room for a logo.


Impress Guide 7.0

Chapter 2 Master Slides, Styles, and Templates

This document is Copyright © 2021 by the LibreOffice Documentation Team. Contributors are listed below. You may distribute it and/or modify it under the terms of either the GNU General Public License ( http://www.gnu.org/licenses/gpl.html ), version 3 or later, or the Creative Commons Attribution License ( http://creativecommons.org/licenses/by/4.0/ ), version 4.0 or later.

All trademarks within this guide belong to their legitimate owners.

Contributors

To this edition.

Peter Schofield

Claire Wood

Jean Hollis Weber

Felipe Viggiano

Regina Henschel

Samantha Hamilton

Olivier Hallot

Dave Barton

To previous editions.

Peter Schofield

Dimona Delvere

Michele Zarri

T. Elliot Turner

Jean Hollis Weber

Hazel Russman

Chad D. Lines

Low Song Chuan

Jaimon Jacob

Muhammad Sufyan Zainalabidin

Dan Lewis

Agnes Belzunce

Peter Hillier-Brook

Gary Schnabl

Claire Wood

Rachel Kartch

Linda Worthington

Please direct any comments or suggestions about this document to the Documentation Team’s mailing list: [email protected]

Everything sent to a mailing list, including your email address and any other personal information that is written in the message, is publicly archived and cannot be deleted.

Publication date and software version

Published February 2021. Based on LibreOffice 7.0.

Designing a presentation

In addition to careful planning of the content, as discussed in Chapter 1 Introducing Impress, you need to plan the appearance of the presentation. It is best to do this after you have developed an outline, because the outline will determine some of the requirements for the appearance of the slides. For example:

  • What color combinations (background and text) will look good and also be easy for your audience to read?
  • Would an image help your audience understand the contents better?
  • Do you want particular text and images to appear on all the slides? For example, a company name and logo.
  • Would the audience benefit from having the slides numbered so that they can quickly refer to one of them?
  • Do you want a background graphic or gradient? If so, you need to pick something that does not interfere or clash with content such as the colors used in charts.
  • Will you need one or more master slides?
  • Will one slide design suit all of the presentation content?

You can change the appearance of slides as you develop the presentation, but planning ahead will save you time in the long run.

What are master slides?

A master slide is a slide that is used as the starting point for other slides. It is similar to a page style in LibreOffice Writer as it controls the basic formatting of all slides based on it. A presentation can have more than one master slide.

LibreOffice uses three terms for one concept: master slide, slide master, and master page. All refer to a slide which is used to create other slides. This user guide uses the term master slide, except when describing the user interface.

A master slide has a defined set of characteristics, including the background color, graphic, or gradient. It also can include objects (for example, logos, decorative lines) in the background; headers and footers; placement and size of text frames; and text formatting.

All of the characteristics of master slides are controlled by styles. The styles of any new slide you create are inherited from the master slide from which it was created. In other words, the styles of the master slide are available and applied to all slides created from that master slide. Changing a style in a master slide results in changes to all the slides based on that master slide. It is, however, possible to modify each individual slide without affecting the master slide.

It is highly recommended to use the master slides whenever possible. However, there are occasions where manual changes are needed for a particular slide. For example, you could edit an individual slide to enlarge the chart area when the text and chart layout is used.

Master slides have two types of styles associated with them: presentation styles and drawing styles. The presentation styles can be modified, but new presentation styles cannot be created. For drawing styles, you can modify the styles and also create new drawing styles. For more information, see “Working with styles” below.

Working with master slides

Impress comes with a collection of master slides. These master slides are shown in the Master Slides deck of the Sidebar ( Figure 1 ). This deck has three sections: Used in This Presentation , Recently Used , and Available for Use . Click the expand marker next to the name of a section to expand it and show thumbnails of the master slides, or click the collapse marker to collapse the section to hide the thumbnails.

Each of the master slides shown in the Available for Use section is from a template of the same name. These presentation templates are included when you install LibreOffice on your computer. If you have created your own templates, or added templates from other sources, master slides from those templates will also appear in this list. See “Working with templates” below for more information about templates.

If you have decided to create a new presentation without using one of the templates available (see Chapter 1, Introducing Impress for more information), then a default master slide is available. This default master slide is a good starting point for creating master slides. An example of the default master slide is shown in Figure 2 .

Figure 1: Master Slides deck on Sidebar

Figure 2: Default master slide

Figure 3: Master View toolbar

Figure 4: Rename Slide dialog

Creating master slides

Creating a new master slide is carried out when Impress is in Master View .

1)  Go to View > Master Slide on the main menu bar to open Master View in the Workspace. The Master View toolbar also opens (Figure 3). If the Master View toolbar does not open, go to View > Toolbars on the main menu bar and select Master View.

2)  Create a new master slide using one of the following methods and a new master slide appears in the Slides Pane:

  • Click on New Master in the Master View toolbar.
  • Right-click on a master slide in the Slides Pane and select New Master from the context menu.
  • Go to Slide > New Master on the Menu bar.

3)  Rename the new master slide using one of the following methods to open the Rename Slide dialog (Figure 4):

  • Click on Rename Master in the Master View toolbar.
  • Right-click on the new master slide in the Slides Pane and select Rename Master from the context menu.

4)  Enter a memorable name for the new master slide in the Name text box, then click on OK to save the changes and close the dialog.

5)  Make sure the new master slide is selected in the Slides Pane and add all the text, graphics and master elements that you want to use for the new master slide. The chapters in this user guide give more information on adding, editing, formatting and managing the different types of objects on a master slide.

6)  When finished creating a new master slide, use one of the following methods to return to Normal View:

  • Click on Close Master View on the Master View toolbar.
  • Go to View > Normal on the Menu bar.

7)  Save the presentation file before continuing.

Applying master slides

To apply a master slide to all slides or selected slides in a presentation:

1)  Click on the Master Slides icon to open the Master Slides deck on the Sidebar (Figure 1).

2)  Right-click on the master slide you want to use in the Used in This Presentation section in the Master Slides deck on the Sidebar.

3)  Select Apply to All Slides or Apply to Selected Slides from the context menu.

Loading additional master slides

In a presentation, you may need to mix multiple master slides that may belong to different templates (for more information, see “Working with templates” below). For example, you may want a completely different layout for the first slide of the presentation, or want to add a slide from a different presentation to your current presentation.

1)  Select the slide or slides in the Slides Pane where you want to change the master slide.

2)  Go to Slide > Change Slide Master on the Menu bar to open the Available Master Slides dialog (Figure 5).

3)  To add master slides, click on Load to open the Load Master Slide dialog (Figure 6).

4)  In the Load Master Slide dialog, select the template category and the template from which to load the master slide.

5)  Click OK to close the Load Master Slide dialog and the master slides from the selected template appear in the Available Master Slides dialog.

6)  Select the master slide you want to use in the Select a Slide Design box.

7)  To apply the selected master slide to all slides in your presentation, select the Exchange background page check box.

8)  To apply the slide design to the selected slides only, deselect the Exchange background page check box.

9)  Click OK to apply your selection to the slides and close the Available Master Slides dialog.

Figure 5: Available Master Slides dialog

Figure 6: Load Master Slide dialog

Editing master slides

The following items can be changed on a master slide:

  • Background (color, gradient, hatching, or bitmap). See “Selecting and applying backgrounds” below for more information.
  • Background objects (for example, adding a logo or decorative graphics). See “Adding images” below, Chapter 4, Adding and Formatting Pictures, Chapter 5, Managing Graphic Objects, and Chapter 6, Formatting Graphic Objects for more information.
  • Text attributes for the main text area and notes. See “Adding text and fields” below and Chapter 3, Adding and Formatting Text for more information.
  • Size, placement, and contents of header and footer elements to appear on every slide. See “Adding text and fields” below and Chapter 3, Adding and Formatting Text for more information.
  • Size and placement of default frames for slide titles and content. See “Default text areas” below for more information.

To edit a master slide:

1)  Select View > Master Slide from the Menu bar. This also opens the Master View toolbar (Figure 3).

2)  Select a master slide you want to edit in the Slides Pane so that it appears in the Workspace (Figure 7).

3)  Go to Slide > Properties on the Menu bar or right-click in the Workspace and select Properties from the context menu to open the Slide Setup dialog (Figure 8).

4)  Use the various options in the Slide, Background and Transparency pages in the Slide Setup dialog to make changes to the format of your master slide.

5)  Click OK to save your changes and close the Slide Setup dialog.

6)  Select an object on the master slide, then right-click on the object to open a context menu.

Figure 7: Master slide view

Figure 8: Slide Setup dialog

7)  Select one of the options from the context menu to edit the object. Selecting an option may open another context menu, a dialog, an application or file browser window so you can make the necessary changes to your selected object.

8)  Click on Close Master View on the Master View toolbar or go to View > Normal on the Menu bar to exit from editing master slides.

9)  Save your presentation file before continuing.

Any changes made to a master slide when in Master Slide view will appear on all slides using the same master slide. Always make sure you close Master Slide view and return to Normal view before working on any of the presentation slides.

Any changes made to any object on a slide in Normal view (for example, changes to bullet point style, color of the title area, and so on) will not be overridden by subsequent changes made to the master slide used for that slide. However, where it is desirable to revert the formatting of a manually formatted object on a slide to the style defined in the master slide, select the object on the slide and use one of the following methods to change the formatting:

  • Go to Format > Clear Direct Formatting on the Menu bar.
  • Right-click on an object and select Clear Direct Formatting from the context menu.

Depending on the contents of a slide, you may want to apply a different layout. The title and text boxes inherit the properties of a master slide, but if you have changed the position of these text boxes in the master slide, the layout may appear corrupted. You may need to re-position some of the layout elements manually on a slide.

Selecting and applying backgrounds

Backgrounds can be applied to a number of elements in Impress (for example: slide, default text area, image and so on). The procedure is similar when applying a background to a slide or an object.

Figure 9: Slide Setup dialog - Background page

Using slide setup

2)  Select a master slide you want to edit in the Slides Pane so that it appears in the Workspace (Figure 7).

4)  Select the Background tab to open the Background page ( Figure 9 ).

5)  Select the type of background required from Color , Gradient , Bitmap , Pattern and Hatch . See Chapter 6, Formatting Graphic Objects for more information on how to use the options available for each type of background selected.

6)  When satisfied with your background, click OK to save your changes and close the Slide Setup dialog.

Using background style

1)  Select View > Master Slide from the Menu bar. This also opens the Master View toolbar.

2)  Select a master slide you want to edit in the Slides Pane so that it appears in the Workspace.

3)  Click on Styles on the Sidebar to open the Styles deck.

4)  Click on Presentation Styles on the Styles deck to open the Presentation Styles list (Figure 10).

5)  Right-click on Background style and select Modify from the context menu to open the Background dialog. This dialog has one tab (Area) and offers the same options as the Background page in the Slide Setup dialog (Figure 9).

6)  Select the type of background required from Color, Gradient, Bitmap, Pattern and Hatch. See Chapter 6, Formatting Graphic Objects for more information on how to use the options available for each type of background selected.

7)  When satisfied with your background, click OK to save your changes and close the Background dialog.

Figure 10: Styles deck on Sidebar

You can create custom fills for each type of background. See Chapter 6, Formatting Graphic Objects for more information on creating custom fills for each type of background.

Adding images

When you want the same image to appear on every slide of your presentation, the easiest and quickest solution is to use the master slide. This saves time while creating the presentation and lets you modify or reposition the image on all slides at once. If the same image is added to each slide manually, modification and repositioning have to be performed on each individual slide in the presentation. In addition to images, you can add a number of other objects in the background, for example decorative lines, text, and shapes.

LibreOffice supports a large number of image and graphic formats. For more information on working with images, see Chapter 4, Adding and Formatting Pictures, Chapter 5, Managing Graphic Objects and Chapter 6, Formatting Graphic Objects.

For example, one of the most common actions in preparing a presentation is to add an image to the master slide. To insert an image already available on the computer, follow these steps:

2)  Select the master slide where you want to add an image.

3)  Select Insert > Image… on the Menu bar to open the file browser.

4)  Navigate to the directory where your image is located and select it.

5)  Click Open and the image is placed into your master slide and the file browser closes.

6)  If necessary, modify and/or reposition the image on your master slide.

7)  Right-click on the image and select Arrange > Send to Back from the context menu. This moves the image to the background so that any information you add to the slide when creating a presentation appears over the background image.

LibreOffice offers the option to insert an image as a link to the file rather than embedding it in your presentation. This is only useful when a presentation is not intended for distribution onto other computers and will remain on the same computer and in the same directory structure. For example, it could be created on a notebook computer, which is then used to give the presentation to a group of clients.

However, if the presentation file is to be distributed onto other computers, the image must be embedded to avoid the “missing image” syndrome when the presentation is given using a different computer.

Default text areas

When a master slide is opened for editing, it contains five default text areas, as shown in Figure 2 .

  • Title area for AutoLayouts
  • Object area for AutoLayouts
  • Footer area
  • Slide number area

Position and size

Click with the mouse button on any of these areas to display the selection handles around the default text area. Use these selection handles to modify the size and position of a default text area.

1)  To quickly change the position of a default text area:

a)  Select the default text area you want to reposition so that the selection handles are visible.

b)  Move the cursor toward the border of the default text area, not on a selection handle, and the cursor changes shape. The cursor shape is dependent on your computer setup (normally a clenched hand).

c)  Click the left mouse button and drag the default text area to the desired position, then release the left mouse button.

2)  To quickly change the shape and/or size of a default text area:

a)  Position the cursor over a left or right selection handle.

b)  Click the left mouse button and drag the left or right selection handle to change the width of the default text area.

c)  Position the cursor over a top or bottom selection handle.

d)  Click the mouse button and drag the top or bottom selection handle to change the height of the default text area.

e)  Position the cursor over a corner selection handle.

f)  Click the mouse button and drag the corner selection handle to change both the height and width of the default text area at the same time.

g)  Release the mouse button when the default text area is the required width or height.

The mouse cursor usually changes shape when positioned over a selection handle, giving a clear visual indication of how it will affect the shape of the default text area.

Keep the Shift key pressed while dragging a selection handle to maintain the ratio between the width and height dimensions of the default text area.

Figure 11: Position and Size dialog

To accurately control the shape, size and position of a default text area, it is recommended to use the Position and Size dialog or the Position and Size section in the Properties deck on the Sidebar.

1)  Select the default text area by clicking on its border.

2)  Use one of the following methods to access the options available for the position and size of a default text area:

  • Go to Format > Object and Shape > Position and Size on the Menu bar to open the Position and Size dialog (Figure 11).
  • Use the keyboard shortcut F4 to open the Position and Size dialog.
  • Right-click on the border of the default text area and select Position and Size from the context menu to open the Position and Size dialog.
  • Click on Properties on the Sidebar and open the Properties deck, then open the Position and Size section (Figure 12).

The functions of the Position and Size options are explained fully in the Draw Guide. Only short descriptions of the most important functions are provided as follows:

Use Position to specify the X (horizontal) and Y (vertical) position of the default text area. The values represent the distance of the selected base point and the default position is the top left corner of the slide.

Figure 12: Position and Size section in Properties on Sidebar

Use Size to specify the width and height of the default text area.

In the Position and Size dialog only, the Base point section allows you to select a point on the rectangular area that you do not want to move while resizing. The default setting of top left corner means that the position of the top left corner of the area will not change after resizing.

Use Rotation to rotate the default text area. For example, you can place the footer area on the side by rotating each text area by 90 degrees and obtain a more modern-looking layout. In general it is preferable to use only right angles for ease of editing, although the program does not impose restrictions on the values that can be used.

Use the Slant & Corner Radius page to add a corner radius to a text box border only if a visible line style has been selected. The slant options are only available for images or shapes.

Change the type of area fill used for backgrounds in a default text area using one of the following methods. The options available depend on the type of area fill selected. See Chapter 6, Formatting Graphic Objects for more information on changing backgrounds.

  • Go to Format > Object and Shape > Area on the Menu bar to open the Area dialog (Figure 13).
  • Right-click on the default text area and select Area from the context menu to open the Area dialog.
  • Click on Properties on the Sidebar and open the Properties deck, then open the Area section (Figure 14).

Figure 13: Area dialog

Figure 14: Area section in Properties on Sidebar

Figure 15: Line dialog

Figure 16: Line section in Properties deck on Sidebar

Change the type of line used for borders in a default text area using one of the following methods. The options available in this dialog will depend on the type of line selected. See Chapter 6, Formatting Graphic Objects for more information on changing borders.

Go to Format > Object and Shape > Line on the Menu bar to open the Line dialog ( Figure 15 ).

Right-click on the object and select Line from the context menu to open the Line dialog.

Click on Properties on the Sidebar and open the Properties deck, then open the Line section ( Figure 16 ).

Change the alignment of a default text area in relation to its position on a master slide, or the alignment between a default text area and other objects on a master slide, using one of the following methods. See Chapter 5, Managing Graphic Objects for more information on changing alignment of default text areas.

Go to Format > Align on the Menu bar and select the type of alignment from the options available in the context menu.

Right-click on the object and select Align from the context menu, then select the type of alignment from the options available in the context menu.

Click on the downward triangle ▼ to the right of Align on the Line and Filling toolbar and select the type of alignment from the options available.

Select the required alignment tool in the Position and Size section on the Properties deck on the Sidebar ( Figure 12 ).

Arrangement

Arrange the position of an object on a slide in relation to other objects on a slide using one of the following methods. See Chapter 5, Managing Graphic Objects for more information on changing position of default text areas in relation to other objects.

Go to Format > Arrange on the Menu bar and select the type of arrangement from the options available in the context menu.

Right-click on the object and select Arrange from the context menu, then select the type of arrangement from the options available in the context menu.

Click on the required arrangement tool on the left end of the Line and Filling toolbar.

Select the required arrangement tool in the Position and Size section on the Properties deck on the Sidebar.

Adding text and fields

Adding text and fields to a master slide allows you to place information that you want to appear on all the slides in your presentation: for example a presentation title, company name and logo, date and slide number. For more information on adding and formatting text and fields, see Chapter 3, Adding and Formatting Text.

Text objects can be placed anywhere on the master slide so that they appear on every slide in your presentation. Text objects can also be placed in the footer if you do not want to use the default fields in the footer of your presentation.

1)  Select View > Master Slide from the Menu bar to open the master slide view . This also opens the Master View toolbar ( Figure 3 ).

2)  Select the master slide where you want to add a text object so that it appears in the Workspace.

3)  Switch on text editing mode using one of the following methods. The Text Formatting toolbar ( Figure 17 ) automatically opens replacing the Line and Filling toolbar.

Select Insert Text Box on the Standard or Drawing toolbar.

Go to Insert > Text Box on the Menu bar.

Use the keyboard shortcut F2 .

4)  Click once on the master slide so that a text box is created and there is a flashing cursor inside the text box .

5)  Type or paste your text into the text object.

6)  Format the text after placing it on your master slide. See Chapter 3, Adding and Formatting Text for more information.

7)  Click outside the text object to close the Text Formatting toolbar and reopen the Line and Filling toolbar.

8)  Click Close Master View on the Master View toolbar or go to View > Normal on the Menu bar when you have completed adding and formatting text to your master slide.

Default footer sections

By default, the footer used in a slide consists of three sections ( Figure 2 ) with each section containing a default field as follows:

Left section – contains the date and time and is labeled Date Area. Field name is <date/time>.

Figure 17 : Text Formatting toolbar

Figure 18 : Header and Footer dialog

Center section – contains the footer text and is labeled Footer Area. Field name is <footer>. This section could be used for the presentation title, file name and so on.

Right section – contains the slide number and is labeled Slide Number Area. Field name is <number>.

Header and Footer dialog

The default footer fields are set up as follows using the Header and Footer dialog ( Figure 18 ):

3)  Select Date and Time for the date and time to appear in the left section of the footer.

For a fixed date and time in the left footer section, select Fixed and enter the date you want to use in the Fixed text box.

For a variable date and time in the left footer section, select Variable , then select the format and language you want to use from the Format and Language drop down lists. Using a variable date and time means that each time the presentation is opened, the date and time are updated.

4)  To place text in the footer center section, select Footer and then type or paste your text into the Footer text input field .

5)  To place the slide number in the right section of the footer, select Slide number .

6)  If you do not want the footer to appear on the first slide of your presentation, select Do not show on the first slide . The first slide is normally the title slide of your presentation.

7)  Click Apply to save your changes and close the Header and Footer dialog.

8)  To format the text used for the default footer fields, see Chapter 3 Adding and Formatting Text for more information.

9)  Click Close Master View on the Master View toolbar or go to View > Normal on the Menu bar when you have completed setting up the default footer fields .

The default sections in a footer can be formatted, resized and re-positioned. See “ Default text areas ”  above for more information.

Custom footer sections

The default fields in a footer section can be replaced with text or manual fields as follows:

2)  Highlight the default field in the footer section and press the Delete or Backspace key. A flashing text cursor will appear in the footer section and the Text Formatting toolbar automatically opens replacing the Line and Filling toolbar.

3)  Type in your text or insert a manual field into the footer section. For more information on manual fields, see “ Manual fields ” below .

4)  Format the text or manual field placed in the footer section. See Chapter 3, Adding and Formatting Text for more information.

5)  Click outside the footer section to close the Text Formatting toolbar and reopen the Line and Filling toolbar.

6)  Click Close Master View on the Master View toolbar or go to View > Normal on the Menu bar when you have completed setting up a custom footer section.

Manual fields

Manual fields, for example date or page number (slide number), can be added as text objects on a master slide or replace one of the default footer fields. The fields you can use in Impress are:

Date (fixed)

Date (variable) – updates automatically when you open the presentation again.

Time (fixed)

Time (variable) – updates automatically when you open the presentation again and each time you open a slide more than once during a presentation.

Author – first and last names listed in the LibreOffice user data.

Slide number

Slide Title

Slide Count

To place a field on your master slide:

2)  Click anywhere on the master slide.

3)  Go to Insert > Field on the Menu bar and select the required field from the context menu.

4)  By default the field is placed in the center of the master slide. Reposition the field text box to the desired position on your master slide. See “ Default text areas ”  above for more information.

5)  To format the text used in a field, see Chapter 3 Adding and Formatting Text for more information.

6)  Click Close Master View on the Master View toolbar or go to View > Normal on the Menu bar when you have completed replacing the default footer fields.

To replace a default footer field on your master slide:

2)  Highlight all of the characters used in the default field you want to replace in the footer.

4)  To format the text used in a field, see Chapter 3 Adding and Formatting Text for more information.

5)  Click Close Master View on the Master View toolbar or go to View > Normal on the Menu bar when you have completed replacing the default footer fields.

To change the number format (1, 2, 3 or a, b, c or i, ii, iii, and so on) for the slide number, go to Slide > Properties on the Menu bar and select in Layout Settings the type of number to use from the Slide numbers drop down list.

To change the author information, go to Tools > Options > LibreOffice > User Data on the Menu bar.

Working with styles

A style is a set of formats that you can apply to selected elements such as slides, text, lists, frames, borders, lines and area fills in a presentation to quickly set or change their appearance. Applying a style means applying a group of formats at the same time providing a consistent look to your presentation. For example, to manually change an attribute on the same object type on every slide in your presentation is time consuming and prone to errors. Using styles reduces time and provides greater accuracy.

Impress has two types of styles available for formatting text and graphic objects – presentation styles and drawing styles.

For information on formatting text, see Chapter 3, Adding and Formatting Text.

For information on formatting graphic objects, see Chapter 6, Formatting Graphic Objects and the Draw Guide.

More information on styles used in LibreOffice can be found in the Getting Started Guide .

The presence of text and title styles both in the presentation and drawing styles may seem confusing. This apparent duplication is because Impress uses special text boxes (auto layout boxes) when adding structured text to slides where presentation styles apply. The title and other text styles in drawing styles are used on any other text boxes you may want to add, or text associated with shapes or lines.

Presentation styles

Presentation styles in Impress are used when creating a presentation using one of the Impress slide layouts. These presentation styles are divided into four categories.

Background and Background objects – are used to format objects on the default master slide such as icons, decorative lines, and shapes.

Notes – formats the text used in presentation notes.

Outline 1 thru Outline 9 – are used for the different levels of the outline to which they belong. For example, Outline 2 is used for the sub-points of Outline 1, Outline 3 is used for the sub-points of Outline 2 and so on.

Subtitle and Title – formats the text used for any titles or subtitles used on slides.

As with the Heading styles in Writer, the Outline styles in Impress are hierarchically linked. For example, a change to an attribute in the Outline 1 style will cascade through all the other styles for Outline levels.

The default master slide and slide layouts in Impress use auto layout boxes. Presentation styles can only be used within these auto layout boxes. An example of text using these presentation styles is shown in Figure 2 .

Any text added to a slide using the text tools available is automatically placed in a standard text box and allocated the Default Drawing Style from Drawing Styles. For more information on formatting text, see Chapter 3, Adding and Formatting Text.

Presentation styles cannot be created or deleted, but can be formatted, modified or updated to your requirements. Also, you cannot change the presentation style used for an object with another presentation style. For example, text with Outline 2 style cannot be changed to Outline 3 style.

Changing outline levels is done in normal view using the Tab key or Shift+Tab key combination or the Promote and Demote tools on the Outline toolbar. See Chapter 3, Adding and Formatting Text for more information.

Drawing styles

Drawing styles in Impress define the characteristics of graphic objects (including text objects) that you place on a slide. These styles include attributes for line, area, shadowing, transparency, text, connectors and dimensioning.

For example, if you need to create organization charts in your presentation, you will probably want all of the objects to have a consistent appearance, such as line style, font type, shadow, and so on. The easiest way to achieve this result with the minimum effort is to use a drawing style for the objects and apply it to each object. The major benefit is that if you decide to change, say, the background color of objects, all you need to do is modify the style rather than each individual object.

Drawing styles included with Impress cannot be deleted, but you can format, modify and update drawing styles. You can also create new or custom styles, see “ Custom styles ” below . Any custom style created is only available in the presentation where it was created.

Accessing styles

Use one of the following methods to access or modify styles available in Impress:

Use the keyboard shortcut F11 (Windows and Linux) or ⌘+T (macOS).

Go to Format > Styles on the Menu bar.

Click on Show the Styles Sidebar located on the Line and Filling toolbar.

Click on Styles on the Sidebar to open the Styles deck.

Editing styles

Formatting presentation and drawing styles can be carried out in either Normal or Master Slide view. Formatting options are available in dialogs for each style or using Format in the Menu bar. For more information on formatting text and objects, see Chapter 3, Adding and Formatting Text and Chapter 6, Formatting Graphic Objects.

Dialog formatting

1)  Select an object on a slide or master slide and its style is highlighted in the Styles deck on the Sidebar.

2)  Go to Format > Styles > Edit Style on the Menu bar or right-click on the highlighted style in the Styles deck on the Sidebar to open the formatting dialog for the selected style. An example dialog for Outline 1 style is shown in Figure 19 .

3)  Use the various options available in the tabbed pages of the dialog to format the style.

4)  Click OK to save your formatting changes and close the dialog.

Clicking on Reset before clicking OK removes all formatting changes you have made in the style formatting dialog.

Figure 19 : Example dialog for formatting styles

Format menu

1)  Open the Styles deck on the Sidebar. See “ Accessing styles ” above for more information.

2)  Go to Format on the Menu bar to open a drop down menu with various formatting options available. Depending on the object selected, some formatting options will not be available and are greyed out.

3)  Select a formatting option from the drop down menu. Depending on the option selected, another drop down menu may open giving further formatting options or a formatting dialog will open.

2)  Click on Presentation Styles or Drawing Styles at the top left of the Styles deck to open the list of presentation or drawing styles.

3)  Right-click on the style you want to modify and select Modify from the context menu to open the formatting dialog for the style selected. An example dialog for Outline 1 style is shown in Figure 19 .

4)  Make the necessary changes to the selected presentation or drawing style using the various options available in the dialog that has opened.

5)  Click OK to save your changes and close the dialog.

Updating a presentation or drawing style is similar to modifying, but you make format changes to the text or object first. Updating styles can only be carried out in Normal view.

1)  Select the text or object on your slide in Normal view.

2)  Use the various tools on the Text Formatting toolbar, Line and Filling toolbar, or the options in Format on the Menu bar to format the selected object.

3)  Open the Styles deck on the Sidebar. See “ Accessing styles ”  above for more information.

4)  Click on Presentation Styles or Drawing Styles at the top left of the Styles deck to open the list of styles. The style used for the selected object will be highlighted.

5)  Click on Update Style at the top right of the Styles deck and the style is updated to include the formatting changes you have made to the selected object.

Custom styles

You cannot create custom presentation styles in Impress, but you can create custom drawing styles. These custom drawing styles are only available for the presentation that you are creating.

1)  Create or select the object on your slide you want to use for creating a new drawing style.

2)  Format the object to your requirements using the various formatting options available in the Text Formatting toolbar, Line and Filling toolbar, or the options in Format on the Menu bar.

3)  Open the Styles deck on the Sidebar. See “ Accessing styles ” above for more information.

4)  Click on Drawing Styles at the top left of the Styles deck to open the list of drawing styles.

Figure 20 : Create Style dialog

5)  Click on New Style from Selection at the top right of the Styles deck and the Create Style dialog opens ( Figure 20 ).

6)  Enter a name for your custom style in the Style Name text box.

7)  Click OK to close the Create Style dialog. The custom style is created and appears in the drawing styles list in the Styles deck on the Sidebar.

Direct formatting

Direct formatting overrides any formatting applied to an object when a style is used. You cannot remove direct formatting from an object by applying a style to it. To remove any direct formatting, select the object so that the selection handles are visible, then use one of the following methods to clear any direct formatting:

Use the keyboard shortcut Ctrl+Shift+M .

Go to Format > Clear Direct Formatting in the Menu bar.

If the object is a text object, highlight all of the text and then click on Clear Direct Formatting on the Text Formatting toolbar.

If the object is a text object, highlight all of the text, right-click on the selected text and select Clear Direct Formatting from the context menu .

Linked styles

Impress styles support inheritance which allows a style to be linked to another (parent) style so that it inherits all the formatting settings of the parent. This inheritance creates families of styles.

For example, if you require multiple boxes that differ in color, but are otherwise identically formatted, the best way to proceed is to define a style for the box including borders, area fill, font, and so on and a number of styles that are hierarchically dependent which differ only in the fill color attribute. If you need to change the font size or the thickness of the border, you only have to change the parent style and all the other styles will change accordingly.

Assigning styles keyboard shortcuts

LibreOffice provides a set of predefined keyboard shortcuts which allow you to quickly apply styles while working with a document. You can redefine these shortcuts or define your own, as described in Appendix A, Keyboard Shortcuts.

Working with templates

A template is a special type of presentation that you use as a basis to create your presentations. For example, you can create a template for business presentations so that any new presentation has your company logo, name and information on the first slide and the remaining slides in your presentation only show the company logo and name.

Templates can contain anything that presentations can contain, such as text, graphics, a set of styles, and user-specific setup information such as measurement units, language, the default printer, and toolbar and menu customization.

All document types created using LibreOffice are based on templates. You can create a specific template for any document type (text, spreadsheet, drawing, presentation). If you do not specify a template when you start a new document, then the default template for that type of document is used. If you have not specified a default template, LibreOffice uses the blank template for that type of document that is installed with LibreOffice. This default template can be changed, see “ Setting default template ” below for more information.

However, Impress is a little different from other LibreOffice components, in that it starts with the Select a Template dialog ( Figure 21 ), unless you have decided to turn off this dialog in LibreOffice options. When you create a presentation, if the template dialog is active, it opens offering several choices for templates as a starting point for your presentation.

If you have turned off the Select a Template dialog when creating a new presentation, LibreOffice uses the LibreOffice default template for presentations. If you have defined your own default template, LibreOffice uses your default template when you create a presentation.

For more information on templates and how to use them, see the Getting Started Guide .

Figure 21 : Select a Template dialog

Templates supplied with LibreOffice

Impress comes with a set of predefined templates. These templates only contain backgrounds and background objects providing you with a starting point to create your own presentations or presentation templates.

Any templates that you create will be located in the My Templates folder after you have saved your presentation as a template. Your templates will appear in the LibreOffice startup window and the Select a Template dialog the next time you start LibreOffice.

Use one of the following methods to create a new presentation using a template:

Click on the small down arrow▼ on the right of Templates in LibreOffice start up window and then select Impress Templates from the context menu to display the available presentation templates. Select a template and a new presentation opens.

Go to File > New > Templates on the Menu bar to open the Templates dialog (this dialog is similar to the Select a Template dialog in Figure 21 ). Select Presentations from the Filter drop down list to display presentation templates. Select a presentation template and click OK . The dialog closes and a new presentation opens.

Use the keyboard shortcut Shift+Ctrl+N to open the Templates dialog (this dialog is similar to the Select a Template dialog in Figure 21 ). Select Presentations from the Filter drop down list to display presentation templates. Select a presentation template and click OK . The dialog closes and a new presentation opens.

Creating templates

Create a template and save it to a template folder as follows:

1)  Open the presentation that you want to use for a template, or open a template that you want to use as a basis for your template.

2)  Add and format content and styles to your presentation.

3)  Go to File > Templates > Save As Template on the Menu bar to open the Save as Template dialog ( Figure 22 ).

4)  Enter a name for the new template in the Template Name text box.

Figure 22 : Save As Template dialog

5)  Select a destination folder for the new template.

6)  If required, select the option Set as default template to use as the default template the next time you open LibreOffice and do not select a template. See “ Setting default template ” below for more information on default templates.

7)  Click on Save to save your template and close the Save as Template dialog. Your templates will appear in the LibreOffice startup window and the Select a Template dialog the next time you start LibreOffice.

Setting default template

If you create a new presentation and do not select a template, LibreOffice creates the presentation from the default Impress template. This is normally a blank template. However, you can set any presentation template to be the default template, even a template that you have created. The template has to be located in a folder displayed in the Save as Template dialog so that LibreOffice can find it. You can always reset the default template back to the LibreOffice default template later if you choose.

Changing default template

1)  Use one of the following methods to open the Select a Template dialog ( Figure 21 ):

Go to File > New > Templates on the Menu bar.

Go to File > Templates > Manage Templates on the Menu bar.

2)  Select the template you want to use as the default LibreOffice presentation template.

3)  Right click on the selected template and select Set as Default from the context menu.

4)  Click on Open and a new presentation opens using the new default template and sets the default presentation template in LibreOffice. The next time that you create a new presentation and do not select a template, the presentation will be created using the new default presentation template.

Resetting default template

To reset the default presentation template back to the original LibreOffice default template for presentations:

2)  Click on Settings and select Reset Default Template > Presentation from the context menu. The next time that you create a new presentation and do not select a template, the presentation will be created using the default LibreOffice template for presentations.

Editing templates

You can edit template styles and content and reapply the template styles to presentations that were created from that template.

1)  Click on the small down arrow ▼ on the right of Templates in the LibreOffice start up window and select Impress Templates from the context menu.

2)  Right click on the template you want to edit and select Edit from the context menu and the template will open in Impress.

3)  Carry out your editing updates of any styles, text and/or objects on the selected template.

4)  Go to File > Save on the Menu bar or use the keyboard shortcut Ctrl+S to save your changes.

5)  Close the template or create a presentation using the edited template.

Any presentation created from the template before editing can be updated to show the changed template settings the next time you open the presentation after template editing. A confirmation dialog opens asking if you want to use the updated styles or keep the old styles. If you select to keep the old styles, then the presentation will continue to use the old styles without any confirmation.

Organizing templates

LibreOffice can only use templates that are in LibreOffice template folders (categories). You can create new LibreOffice template folders or categories and use them to organize your templates. For example, separate template categories for different projects or clients. You can also import and export templates.

The location of LibreOffice template folders varies with your computer operating system. To learn where the template folders are stored on your computer, go to Tools > Options > LibreOffice > Paths .

Creating template categories

2)  Right click on Settings and select New Category from the context menu.

3)  Enter a category name in Enter category name text box that has opened ( Figure 23 ).

4)  Click OK to save your new category and the category will appear in the drop down list for categories filter at the top of the Select a Template dialog.

Figure 23 : Creating new category

Deleting template categories

You cannot delete the template categories supplied with LibreOffice or installed using the Extension Manager. You can only delete categories that you have created.

2)  Right click on Settings and select Delete Category from the context menu to open the Delete Category dialog ( Figure 24 ).

3)  Select the category you want to delete.

4)  Click OK to delete the category and confirm the deletion.

Figure 24 : Delete Category dialog

Figure 25 : Select Category dialog

Moving templates

To move a template from one category to another category:

2)  Select the template you want to move and click on Move .

3)  Select a category from the displayed list or select Create a New Category in the Select Category dialog ( Figure 25 ).

4)  Click OK to move the template to its new category and close the Select Category dialog.

Deleting templates

You cannot delete the templates supplied with LibreOffice or installed using the Extension Manager. You can only delete templates that you have created or imported.

2)  Right click on the template you want to delete and select Delete from the context menu.

3)  Click on Yes to confirm the deletion.

Importing templates

If the template that you want to use is in a different location on your computer, you must import it into a LibreOffice template folder for LibreOffice to recognize the template.

2)  Click Import and the Select Category dialog ( Figure 25 ) opens.

3)  Select a category from the displayed list or select Create a New Category in the Select Category dialog.

4)  In the file browser window that opens, navigate to the folder on your computer where the template that you want to import is located.

5)  Select the template and click Open . The file browser window closes and the template appears in the selected category.

Exporting templates

2)  Select the template you want to export, then click on Export to open a file browser window.

3)  Navigate to the folder where you want to export the template and click on Select . The template is exported and the file browser window closes.

FPPT

LibreOffice Templates for presentations

Last updated on April 29th, 2024

Our site has a lot of free PowerPoint templates that you can download to speed up and enhance your presentations at work or school. However, sometimes our free PowerPoint templates are not suitable or good enough to fit your presentation needs. LibreOffice is a free alternative to PowerPoint as a presentation authoring tool. The master slides in LibreOffice allow you to customize presentations and reuse them in any future presentation as templates.

You can download free Impress templates from the official website. This helps to make repetitive jobs fast and easy, and to ensure your documents get a perfect presentation every time. Using LibreOffice with custom templates for all kinds of needs helps to speed up the presentation authoring task.

LibreOffice Template Center

LibreOffice Template Center is the webpage where you can browse or download LibreOffice templates for your needs. The site is accessible here: http://templates.libreoffice.org/

The templates center for LibreOffice has a lot of free templates to be used in Impress as well as other programs in the suite, like Writer, Calc and Math. You can download many templates from the site for free and then import them into your LibreOffice presentation.

How to make any presentation template ready for LibreOffice?

While the collection of presentation templates for LibreOffice is very small, it is still possible to use any PowerPoint presentation template as a template for Impress.

You can open a PowerPoint presentation in LibreOffice Impress and edit the presentation or play the slideshow. Some files are complex and have compatibility problems, especially if the presentation uses features that are only available in some versions of PowerPoint (for example, the 3D models, or Morph animations). But in most cases, you will be able to use presentation templates from PowerPoint in LibreOffice.

Furthermore, you can browse our collection of free presentation templates for PowerPoint and use them in LibreOffice Impress.

The procedure is simple. Download any PPT of your choice, then open it in LibreOffice, and save it as a .odp file. This way, you can use PowerPoint templates as LibreOffice Impress templates.

Animated Presentation templates

Enjoy our wonderful animated presentation templates for Google Slides and PowerPoint and customize them to your liking to give an entertaining pitch.


Animated intro for social media platforms.

Are you describing how your company is going to publish content on social media? Are you defining what, when and how everything is going to be published for the next quarter? You can do so with this new template, that has been created for PowerPoint only. What is its special...


Bad Habits - How to avoid them?

Download the Bad Habits - How to avoid them? presentation for PowerPoint or Google Slides and start impressing your audience with a creative and original design. Slidesgo templates like this one here offer the possibility to convey a concept, idea or topic in a clear, concise and visual way, by...


Operations and Algebraic Thinking: Operations of Powers With the Same Exponent

Download the Operations and Algebraic Thinking: Operations of Powers With the Same Exponent presentation for PowerPoint or Google Slides and teach with confidence. Sometimes, teachers need a little bit of help, and there's nothing wrong with that. We're glad to lend you a hand! Since Slidesgo is committed to making...

Motion Graphics App Pitch Deck

You have designed the perfect app for motion graphics, how can you present it now very visually and still keeping your company’s essence? Check out this template for PowerPoint! It’s perfect for an app pitch deck for your product. The 3D shapes floating over the soft slides will make your...


PR Strategy

Download the PR Strategy presentation for PowerPoint or Google Slides and start impressing your audience with a creative and original design. Slidesgo templates like this one here offer the possibility to convey a concept, idea or topic in a clear, concise and visual way, by using different graphic resources. You...


Hackers Academy

Download the Hackers Academy presentation for PowerPoint or Google Slides. Are you looking for a way to make your school academy stand out among the competition? This template is designed to showcase all the fantastic aspects of your center. With perfect slides that allow you to easily add information about...


Online Academy

Download the Online Academy presentation for PowerPoint or Google Slides. Are you looking for a way to make your school academy stand out among the competition? This template is designed to showcase all the fantastic aspects of your center. With perfect slides that allow you to easily add information about...

Falling Snow Animation

Download the Falling Snow Animation presentation for PowerPoint or Google Slides and start impressing your audience with a creative and original design. Slidesgo templates like this one here offer the possibility to convey a concept, idea or topic in a clear, concise and visual way, by using different graphic resources....

Elegant Workplan

Developing a successful business plan can be challenging, but with the right tools at your disposal, it becomes much simpler. This template is a comprehensive document that allows you to outline your business goals, strategies, and financial projections in a professional and aesthetically pleasing way. The full suite of resources...


George Orwell's 1984 Thesis

Download the George Orwell's 1984 Thesis presentation for PowerPoint or Google Slides. Congratulations, you have finally finished your research and made it to the end of your thesis! But now comes the big moment: the thesis defense. You want to make sure you showcase your research in the best way...


Interactive Classroom Icebreakers

Download the Interactive Classroom Icebreakers presentation for PowerPoint or Google Slides and easily edit it to fit your own lesson plan! Designed specifically for elementary school education, this eye-catching design features engaging graphics and age-appropriate fonts; elements that capture the students' attention and make the learning experience more enjoyable and...


Jungle-themed Personal Organizer for Elementary School

Download the Jungle-themed Personal Organizer for Elementary School presentation for PowerPoint or Google Slides and easily edit it to fit your own lesson plan! Designed specifically for elementary school education, this eye-catching design features engaging graphics, and age-appropriate fonts; elements that capture the students' attention and make the learning experience...


Digital Notebook for Students

Download the Digital Notebook for Students presentation for PowerPoint or Google Slides and start impressing your audience with a creative and original design. Slidesgo templates like this one here offer the possibility to convey a concept, idea or topic in a clear, concise and visual way, by using different graphic...


Spring Woods

Download the "Spring Woods" presentation for PowerPoint or Google Slides and start impressing your audience with a creative and original design. Slidesgo templates like this one here offer the possibility to convey a concept, idea or topic in a clear, concise and visual way, by using different graphic resources. You...

Consulting with Morph Transition

You help companies maximize their performance, you help them identify potential areas of improvement, you help them optimize their costs. Ah, what would many businesses do without consultants... And what would many consultants do without Slidesgo? Today is the day we publish this template created exclusively for PowerPoint. Along with...

Interactive Digital Marketing Canvas

Ready to change the way you see marketing? Here's a digital and interactive marketing canvas, created entirely in PowerPoint, where each slide is a place in which to create magic, marketing magic. The palette is full of energetic colors, and everything is totally customizable. Run one of the most popular...


Full Black and White Planner

Download the Full Black and White Planner presentation for PowerPoint or Google Slides and start impressing your audience with a creative and original design. Slidesgo templates like this one here offer the possibility to convey a concept, idea or topic in a clear, concise and visual way, by using different...

Organic Shapes Design for Business

Explore the world of creativity with this design. This ingeniously designed template is an ideal match for PowerPoint presentations that demand vibrancy and intuitiveness. It comprises a variety of animated, simple, and interactive elements that bring an enthralling visual experience. Elevate your presentation's appeal with this unique combination of simplicity...


Presentation Sapins et tilleuls

A nice presentation in shades of green with some animated shapes.

Not rated yet

Modern Curriculum Vitae (Resume, CV)

An elegant template with a two columns section on the top of the first page.

Curriculum Vitae (Resume, CV) Frigeri

Two columns on the first page. A template inspired by the template for LaTeX: Frigeri.

CV (Resume, Curriculum Vitae) Jade

A template with a photo and level indicators, no frame, no table except from the level, no custom style.

Curriculum Vitae (Resume, CV) barres bleues ou grises

Two versions, the template mainly uses standard styles.

Curriculum Vitae (Resume, CV) flèches jaunes

An easy-to-use template. Frames on the left of the first page hold contact information and so on.

Letter with headers and footer

Letter with headers and footer that are automatically filled with the properties of the file. The second page is different from the first one.

★ ★ ★ ☆ ☆

Curriculum Vitae (Resume, CV) cahier d’école

A CV with a frame on the first page.

Curriculum Vitae (Resume, CV) filets turquoise

A template that uses mainly standard styles. The left column is a frame.

Calc sheet for knitting chart

Template of a Calc sheet to draw knitting charts.

Calculateur de chaussettes

Works out how many stitches to cast on and how many rows to knit. In French.

The Read Text Extension lets an external program or web application read text from LibreOffice Writer, Calc, Draw, Impress, Web Writer or the system clipboard.

How many squares

Transforms letters into colours and numbers for pixel-art projects, including knitting.

Presentation Framboise écrasée

A three part presentation with some animated shapes. It will be easy to adapt if necessary. 5 master slides.

OOO Development Tools (OooDev)

This project brings the power of OOO Development Tools (OooDev) to LibreOffice as an extension.

localwriter

A LibreOffice Writer extension that adds local-inference generative AI features.

TheCAT (the Calc Audit Tool) is a tool to document your Calc spreadsheets structure and components.

English Dictionary

English dictionaries for LibreOffice 4.0+

★ ★ ★ ★ ☆

This is a demo theme extension created for testing purposes.

APSO - Alternative Script Organizer for Python

Based on an original script from Hanya, APSO will install a macro organizer dedicated to python scripts.

Calendrier mensuel

Spreadsheet that generates a configurable, printable monthly calendar. Example of the use of various lookup and date functions and of intensive use of conditional formats. Parameters: names of the days of the week and of the months in

Marathi Spellchecker

includes synonyms, auto-correct, auto-text and hyphenation rules

Consulting Blue - IBM Plex Sans

A professional and clean presentation template featuring IBM Plex Sans font, ideal for consultants and business presentations.

Bordures multicolores pour un rapport, un dossier, etc.

A set of nine templates based on the old template Simple multicolored border with different colors.

SanityCheck

Macros to unify the format and styles of LibreOffice guides

ESKD Templates

Create ESKD documentation using netlist of KiCad project

★ ★ ★ ★ ★

novelibre-tools

Extension with tools for processing text documents in connection with the novelibre writing program.

o2k10 Color Palette is a color palette for LibreOffice like the Microsoft Office 2003, 2010, 2016 color palettes.

Perpetual Calendar

A perpetual calendar that adapts to the language installed on the system.

TexMaths is an add-on designed to provide LaTeX support in LibreOffice. LaTeX equations can be inserted as images (SVG or PNG formats) and the LaTeX code is saved into the image attribute for further editing.

★ ☆ ☆ ☆ ☆


Vulnerability Summary for the Week of August 5, 2024

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.  

High Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source Info | Patch Info
10web--Slider by 10Web Responsive Image Slider
 
The Slider by 10Web - Responsive Image Slider plugin for WordPress is vulnerable to time-based SQL Injection via the 'id' parameter in all versions up to, and including, 1.2.57 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Published: 2024-08-08



 
Alien Technology--ALR-F800

 
A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/system.html. The manipulation of the argument uploadedFile with the input ;whoami leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2024-08-07



 
Alien Technology--ALR-F800
 
A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been classified as critical. Affected is an unknown function of the file /var/www/cmd.php. The manipulation of the argument cmd leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2024-08-07



 
AMD--3rd Gen AMD EPYC Processors
 
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.
Published: 2024-08-05
 
Apache Software Foundation--Apache CloudStack
 
CloudStack account-users by default use username and password based authentication for API and UI access. Account-users can generate and register randomised API and secret keys and use them for the purpose of API-based automation and integrations. Due to an access permission validation issue that affects Apache CloudStack versions 4.10.0 up to 4.19.1.0, domain admin accounts were found to be able to query all registered account-users API and secret keys in an environment, including that of a root admin. An attacker who has domain admin access can exploit this to gain root admin and other-account privileges and perform malicious operations that can result in compromise of resources integrity and confidentiality, data loss, denial of service and availability of CloudStack managed infrastructure. Users are recommended to upgrade to Apache CloudStack 4.18.2.3 or 4.19.1.1, or later, which addresses this issue. Additionally, all account-user API and secret keys should be regenerated.
Published: 2024-08-07


 
Apache Software Foundation--Apache OFBiz
 
Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through 18.12.14. Users are recommended to upgrade to version 18.12.15, which fixes the issue. Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don't explicitly check user's permissions because they rely on the configuration of their endpoints).
Published: 2024-08-05



 
Arm Ltd--Bifrost GPU Kernel Driver
 
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory. This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0.
Published: 2024-08-05
 
Arm Ltd--Bifrost GPU Kernel Driver
 
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory. This issue affects Bifrost GPU Kernel Driver: from r41p0 through r49p0; Valhall GPU Kernel Driver: from r41p0 through r49p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r49p0.
Published: 2024-08-05
 
asterisk--asterisk
 
Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with `write=originate` may change all configuration files in the `/etc/asterisk/` directory. This occurs because they are able to curl remote files and write them to disk, but are also able to append to existing files using the `FILE` function inside the `SET` application. This issue may result in privilege escalation, remote code execution and/or blind server-side request forgery with arbitrary protocol. Asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2 contain a fix for this issue.
Published: 2024-08-08







 
Calibre--Calibre
 
Improper access control in Calibre 6.9.0 ~ 7.14.0 allows unauthenticated attackers to achieve remote code execution.
Published: 2024-08-06

 
Calibre--Calibre
 
Path traversal in Calibre <= 7.14.0 allows unauthenticated attackers to achieve arbitrary file read.
Published: 2024-08-06

 
Canonical Ltd.--wpa_supplicant
 
An issue was discovered in Ubuntu wpa_supplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpa_supplicant runs as (usually root). Membership in the netdev group or access to the dbus interface of wpa_supplicant allows an unprivileged user to specify an arbitrary path to a module to be loaded by the wpa_supplicant process; other escalation paths might exist.
Published: 2024-08-07

 
Cisco--Cisco Small Business IP Phones
 
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges. These vulnerabilities exist because incoming HTTP packets are not properly checked for errors, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to overflow an internal buffer and execute arbitrary commands at the root privilege level.
Published: 2024-08-07
 
Cisco--Cisco Small Business IP Phones
 
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges. These vulnerabilities exist because incoming HTTP packets are not properly checked for errors, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to overflow an internal buffer and execute arbitrary commands at the root privilege level.
Published: 2024-08-07
 
Cisco--Cisco Small Business IP Phones
 
Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly. These vulnerabilities exist because HTTP packets are not properly checked for errors. An attacker could exploit this vulnerability by sending a crafted HTTP packet to the remote interface of an affected device. A successful exploit could allow the attacker to cause a DoS condition on the device.
Published: 2024-08-07
 
codename065--MultiPurpose
 
The MultiPurpose theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.0 via deserialization of untrusted input through the 'wpeden_post_meta' post meta. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
Published: 2024-08-08

 
codename065--News Flash
 
The News Flash theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the newsflash_post_meta meta value. This makes it possible for authenticated attackers, with Editor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
Published: 2024-08-08

 
crmperks--CRM Perks Forms WordPress Form Builder
 
The CRM Perks Forms plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'handle_uploaded_files' function in versions up to, and including, 1.1.3. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Published: 2024-08-06


 
Delta Electronics--DIAScreen
 
A crafted DPA file could force Delta Electronics DIAScreen to overflow a stack-based buffer, which could allow an attacker to execute arbitrary code.
Published: 2024-08-06

ForIP Tecnologia--Administração PABX

A vulnerability was found in ForIP Tecnologia Administração PABX 1.x. It has been rated as critical. Affected by this issue is some unknown functionality of the file /authMonitCallcenter of the component monitcallcenter. The manipulation of the argument user leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-273554 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2024-08-05



 
Google--Chrome

 
Use after free in Downloads in Google Chrome on iOS prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published: 2024-08-06

 
Google--Chrome

 
Use after free in Loader in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published: 2024-08-06

 
Google--Chrome

 
Use after free in Dawn in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published: 2024-08-06

 
Google--Chrome

 
Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Published: 2024-08-06

 
Google--Chrome

 
Use after free in Tabs in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Published: 2024-08-06

 
Google--Chrome

 
Use after free in User Education in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Published: 2024-08-06

 
Google--Chrome

 
Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Published: 2024-08-06

 
Google--Chrome
 
Out of bounds memory access in ANGLE in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Published: 2024-08-06

 
Google--Chrome
 
Use after free in Sharing in Google Chrome on iOS prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published: 2024-08-06

 
Google--Chrome
 
Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published: 2024-08-06

 
Google--Chrome
 
Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published: 2024-08-06

 
Google--Chrome
 
Use after free in WebAudio in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published: 2024-08-06

 
Google--Chrome
 
Type Confusion in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published: 2024-08-06

 
gopiplus--Horizontal scrolling announcements
 
The Horizontal scrolling announcements plugin for WordPress is vulnerable to SQL Injection via the plugin's 'hsas-shortcode' shortcode in versions up to, and including, 2.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Published: 2024-08-06


 
Halo Service Solutions--HaloITSM
 
HaloITSM versions up to 2.146.1 are affected by a SAML XML Signature Wrapping (XSW) vulnerability. When having a SAML integration configured, anonymous actors could impersonate arbitrary HaloITSM users by just knowing their email address. HaloITSM versions past 2.146.1 (and patches starting from 2.143.61) fix the mentioned vulnerability.
Published: 2024-08-06
 
Halo Service Solutions--HaloITSM
 
HaloITSM versions up to 2.146.1 are affected by a Stored Cross-Site Scripting (XSS) vulnerability. The injected JavaScript code can execute arbitrary action on behalf of the user accessing a ticket. HaloITSM versions past 2.146.1 (and patches starting from 2.143.61) fix the mentioned vulnerability.
Published: 2024-08-06
 
Halo Service Solutions--HaloITSM
 
HaloITSM versions up to 2.146.1 are affected by a Password Reset Poisoning vulnerability. Poisoned password reset links can be sent to existing HaloITSM users (given their email address is known). When these poisoned links get accessed (e.g. manually by the victim or automatically by an email client software), the password reset token is leaked to the malicious actor, allowing them to set a new password for the victim's account. This potentially leads to account takeover attacks. HaloITSM versions past 2.146.1 (and patches starting from 2.143.61) fix the mentioned vulnerability.
Published: 2024-08-06
 
Hewlett Packard Enterprise (HPE)--HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10
 
There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.
Published: 2024-08-06
 
Hewlett Packard Enterprise (HPE)--HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10
 
There is a vulnerability in the AP Certificate Management Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.
Published: 2024-08-06

Hewlett Packard Enterprise (HPE)--HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10

There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.
Published: 2024-08-06
 
Hitachi--Hitachi Tuning Manager
 
Expression Language Injection vulnerability in Hitachi Tuning Manager on Windows, Linux, Solaris allows Code Injection. This issue affects Hitachi Tuning Manager: before 8.8.7-00.
Published: 2024-08-06
 
Huawei--HarmonyOS
 
Vulnerability of uncaught exceptions in the Graphics module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Published: 2024-08-08
 
Huawei--HarmonyOS
 
Permission control vulnerability in the App Multiplier module. Impact: Successful exploitation of this vulnerability may affect functionality and confidentiality.
Published: 2024-08-08
 
Huawei--HarmonyOS
 
Vulnerability of PIN enhancement failures in the screen lock module. Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.
Published: 2024-08-08
 
itsourcecode--Airline Reservation System
 
A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been classified as critical. Affected is the function login/login2 of the file /admin/login.php of the component Admin Login Page. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273624.
Published: 2024-08-06



 
itsourcecode--Bike Delivery System
 
A vulnerability, which was classified as critical, was found in itsourcecode Bike Delivery System 1.0. Affected is an unknown function of the file contact_us_action.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273648.
Published: 2024-08-06



 
Janobe -- School Attendance Monitoring System

 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Users' in '/report/printlogs.php' parameter. 2024-08-06
 
Janobe--E-Negosyo System
 
SQL injection vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in 'id' in '/admin/orders/controller.php' parameter. 2024-08-06
 
Janobe--E-Negosyo System
 
SQL injection vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in 'phonenumber' in '/passwordrecover.php' parameter.2024-08-06
 
Janobe--E-Negosyo System
 
Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted JavaScript payload to an authenticated user and partially take over their browser session via 'view' parameter in '/admin/products/index.php'.2024-08-06
 
Janobe--E-Negosyo System
 
Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted JavaScript payload to an authenticated user and partially take over their browser session via 'id' parameter in '/admin/user/index.php'.2024-08-06
 
Janobe--E-Negosyo System
 
Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session cookie details via 'view' parameter in '/admin/orders/index.php'. 2024-08-06
 
Janobe--E-Negosyo System
 
Cross-Site Scripting (XSS) vulnerability in E-Negosyo System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session cookie details via 'category' parameter in '/index.php'.2024-08-06
 
Janobe--Janobe PayPal

SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'code' in '/admin/mod_reservation/index.php' parameter. 2024-08-06
 
Janobe--Janobe PayPal
 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'end' in '/admin/mod_reports/printreport.php' parameter.2024-08-06
 
Janobe--Janobe PayPal

 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'categ' in '/admin/mod_reports/printreport.php' parameter.2024-08-06
 
Janobe--Janobe PayPal

 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'code' in '/admin/mod_reservation/controller.php' parameter.2024-08-06
 
Janobe--Janobe PayPal
 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'id' in '/admin/mod_room/index.php' parameter.2024-08-06
 
Janobe--Janobe PayPal

 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'id' in '/admin/mod_users/index.php' parameter.2024-08-06
 
Janobe--Janobe PayPal

 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'view' in '/tubigangarden/admin/mod_accomodation/index.php' parameter.2024-08-06
 
Janobe--Janobe PayPal

 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'xtsearch' in '/admin/mod_reports/index.php' parameter.2024-08-06
 
Janobe--Janobe PayPal

 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'view' in 'Attendance' and 'YearLevel' in '/AttendanceMonitoring/report/attendance_print.php' parameter.2024-08-06
 
Janobe--Janobe PayPal

 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in '/AttendanceMonitoring/report/index.php' parameter.2024-08-06
 
Janobe--Janobe PayPal

 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'id' in '/AttendanceMonitoring/department/index.php' parameter.2024-08-06
 
Janobe--Janobe PayPal
 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'studid' in '/candidate/controller.php' parameter.2024-08-06
 
Janobe--Janobe PayPal

 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'username' in '/login.php' parameter.2024-08-06
 
Janobe--Janobe PayPal

 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'events' in '/report/event_print.php' parameter.2024-08-06
 
Janobe--Janobe PayPal

 
SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'Attendance' and 'YearLevel' in '/report/attendance_print.php' parameter.2024-08-06
 
Janobe--Janobe PayPal
 
Cross-Site Scripting (XSS) vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'q', 'arrival', 'departure' and 'accomodation' parameters in '/index.php'.2024-08-06
 
Janobe--Janobe PayPal
 
Cross-Site Scripting (XSS) vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/mod_reports/printreport.php'.2024-08-06
 
Janobe--Janobe PayPal
 
Cross-Site Scripting (XSS) vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'start' parameter in '/admin/mod_reports/index.php'.2024-08-06
 
Janobe--School Attendance Monitoring System
 
Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'StudentID' parameter in '/AttendanceMonitoring/student/controller.php'.2024-08-06
 
Janobe--School Attendance Monitoring System
 
Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'Attendance', 'attenddate' and 'YearLevel' parameters in '/AttendanceMonitoring/report/attendance_print.php'.2024-08-06
 
Janobe--School Attendance Monitoring System
 
Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'Attendance', 'attenddate' and 'YearLevel' parameters in '/AttendanceMonitoring/report/index.php'.2024-08-06
 
Janobe--School Attendance Monitoring System
 
Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'View' parameter in '/course/index.php'.2024-08-06
 
Janobe--School Attendance Monitoring System
 
Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'View' parameter in '/department/index.php'.2024-08-06
 
Janobe--School Attendance Monitoring System
 
Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'Attendance', 'attenddate', 'YearLevel', 'eventdate', 'events', 'Users' and 'YearLevel' parameters in '/report/index.php'.2024-08-06
 
Janobe--School Attendance Monitoring System
 
Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'Attendance', 'attenddate' and 'YearLevel' parameters in '/report/attendance_print.php'.2024-08-06
 
Janobe--School Event Management System
 
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an authenticated user and partially take over their browser session via the 'eventdate' and 'events' parameters in 'port/event_print.php'.2024-08-06
 
Janobe--School Event Management System
 
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an authenticated user and partially take over their browser session via the 'id' and 'view' parameters in '/user/index.php'.2024-08-06
 
Janobe--School Event Management System
 
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'view' parameter in '/eventwinner/index.php'.2024-08-06
 
Janobe--School Event Management System
 
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'view' parameter in '/student/index.php'.2024-08-06
 
Janobe--School Event Management System
 
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session details via the 'view' parameter in '/candidate/index.php'. 2024-08-06
 
Janobe--School Event Management System
 
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session details via the 'view' parameter in '/event/index.php'.2024-08-06
 
JetBrains--TeamCity
 
In JetBrains TeamCity before 2024.07.1, privilege escalation was possible due to incorrect directory permissions. 2024-08-06
 
JFrog--Artifactory
 
JFrog Artifactory versions below 7.90.6, 7.84.20, 7.77.14, 7.71.23, 7.68.22, 7.63.22, 7.59.23, 7.55.18 are vulnerable to Improper Input Validation that could potentially lead to cache poisoning.2024-08-05
 
Journyx--Journyx (jtime)

 
Password reset tokens are generated using an insecure source of randomness. Attackers who know the username of the Journyx installation user can bruteforce the password reset and change the administrator password.2024-08-07
 
Journyx--Journyx (jtime)

 
Attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow.2024-08-08
 
Journyx--Journyx (jtime)

 
The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources.2024-08-08
 
jupyterhub--jupyterhub
 
JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to versions 4.1.6 and 5.1.0, if a user is granted the `admin:users` scope, they may escalate their own privileges by making themselves a full admin user. The impact is relatively small in that `admin:users` is already an extremely privileged scope only granted to trusted users. In effect, `admin:users` is equivalent to `admin=True`, which is not intended. Note that the change here only prevents escalation to the built-in JupyterHub admin role that has unrestricted permissions. It does not prevent users with e.g. `groups` permissions from granting themselves or other users permissions via group membership, which is intentional. Versions 4.1.6 and 5.1.0 fix this issue.2024-08-08


 
kaizencoders--Traffic Manager
 
The Traffic Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'page' parameter in the 'UserWebStat' AJAX function in all versions up to, and including, 1.4.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.2024-08-06


 
KAON Group--AR2140
 
Firmware in KAON AR2140 routers prior to version 4.2.16 is vulnerable to a shell command injection via sending a crafted request to one of the endpoints. In order to exploit this vulnerability, one has to have access to the administrative portal of the router.2024-08-08

 
mailcow--mailcow-dockerized
 
mailcow: dockerized is an open source groupware/email suite based on docker. An unauthenticated attacker can inject a JavaScript payload into the API logs. This payload is executed whenever the API logs page is viewed, potentially allowing an attacker to run malicious scripts in the context of the user's browser. This could lead to unauthorized actions, data theft, or further exploitation of the affected system. This issue has been addressed in the `2024-07` release. All users are advised to upgrade. There are no known workarounds for this vulnerability.2024-08-05

 
mainwp--MainWP Child Reports
 
The MainWP Child Reports plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the network_options_action() function. This makes it possible for unauthenticated attackers to update arbitrary options that can be leveraged for privilege escalation via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This is only exploitable on multisite instances.2024-08-08


 
matrix-org--matrix-react-sdk
 
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user's account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. This was patched in matrix-react-sdk 3.105.0. Deployments that trust their homeservers, as well as closed federations of trusted servers, are not affected. Users are advised to upgrade. There are no known workarounds for this vulnerability.2024-08-06

 
Microsoft--Dynamics CRM Service Portal Web Resource
 
An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link.2024-08-06
 
Microsoft--Microsoft Copilot Studio
 
An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network.2024-08-06
 
Microsoft--Windows 10 Version 1809
 
Summary: Microsoft was notified that an elevation of privilege vulnerability exists in Windows Backup, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires additional interaction by a privileged user to be successful. Microsoft is developing a security update to mitigate this threat, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE. This CVE will be updated, and customers will be notified when the official mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.
Details: A security researcher informed Microsoft of an elevation of privilege vulnerability in Windows Backup potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of VBS. For exploitation to succeed, an attacker must trick or convince an Administrator or a user with delegated permissions into performing a system restore which inadvertently triggers the vulnerability. Microsoft is developing a security update that will mitigate this vulnerability, but it is not yet available. This CVE will be updated with new information and links to the security updates once available. We highly encourage customers to subscribe to Security Update Guide notifications to be alerted of updates. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now - Microsoft Security Response Center.
Microsoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 7, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section to protect their systems.
Recommended Actions: The following recommendations do not mitigate the vulnerability but can be used to reduce the risk of exploitation until the security update is available.
Configure "Audit Object Access" settings to monitor attempts to access files, such as handle creation, read / write operations, or modifications to security descriptors. (Audit File System - Windows 10 | Microsoft Learn; Apply a basic audit policy on a file or folder - Windows 10 | Microsoft Learn)
Audit users with permission to perform Backup and Restore operations to ensure only the appropriate users can perform these operations. (Audit: Audit the use of Backup and Restore privilege (Windows 10) - Windows 10 | Microsoft Learn)
Implement an Access Control List or Discretionary Access Control Lists to restrict the access or modification of Backup files and perform Restore operations to appropriate users, for example administrators only. (Access Control overview | Microsoft Learn; Discretionary Access Control Lists (DACL))
Auditing sensitive privileges used to identify access, modification, or replacement of Backup related files could help indicate attempts to exploit this vulnerability. (Audit Sensitive Privilege Use - Windows 10 | Microsoft Learn)
2024-08-08
 
MongoDB Inc--MongoDB Server
 
Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating system is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior to 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1. Required Configuration: Only environments with Windows as the underlying operating system are affected by this issue. 2024-08-07


 
Mozilla--Firefox for iOS
 
Long pressing on a download link could potentially allow JavaScript commands to be executed within the browser. This vulnerability affects Firefox for iOS < 129. 2024-08-06

 
Mozilla--Firefox
 
Incomplete WebAssembly exception handling could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14. 2024-08-06





 
Mozilla--Firefox
 
Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.2024-08-06





 
Mozilla--Firefox
 
It was possible for a web extension with minimal permissions to create a `StreamFilter` which could be used to read and modify the response body of requests on any site. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.2024-08-06





 
Mozilla--Firefox
 
Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.2024-08-06



 
Mozilla--Firefox
 
Incorrect garbage collection interaction could have led to a use-after-free. This vulnerability affects Firefox < 129.2024-08-06

 
Mozilla--Firefox
 
Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.2024-08-06





 
Mozilla--Firefox
 
A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.2024-08-06



 
Mozilla--Firefox
 
Unexpected marking work at the start of sweeping could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.2024-08-06





 
Mozilla--Firefox
 
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.2024-08-06





 
Mozilla--Firefox
 
ANGLE failed to initialize parameters which led to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.2024-08-06





 
N/A -- N/A

 
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, XE3000/X3000 v4, and B2200/MV1000/MV1000W/USB150/N300/SF1200 v3.216 were discovered to contain a shell injection vulnerability via the interface check_config.2024-08-06

 
N/A -- N/A

 
A SQL injection vulnerability in /smsa/teacher_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter.2024-08-07

 
N/A -- N/A

 
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service.2024-08-06

 
N/A -- N/A

 
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.2024-08-07


 
N/A -- N/A

 
An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system.2024-08-07
 
N/A -- N/A

 
An issue in the Hardware info module of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system.2024-08-07
 
N/A -- N/A

 
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.2024-08-07


 
N/A -- N/A

 
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.2024-08-07


 
N/A -- N/A

 
Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain executable files are owned by the nagios user.2024-08-07


 
n/a--DataGear

 
A vulnerability was found in DataGear up to 5.0.0. It has been declared as critical. Affected by this vulnerability is the function evaluateVariableExpression of the file ConversionSqlParamValueMapper.java of the component Data Schema Page. The manipulation leads to improper neutralization of special elements used in an expression language statement. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273697 was assigned to this vulnerability.2024-08-06



 
N/A--N/A

 
SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection.2024-08-07
 
N/A--N/A

 
SourceCodester Computer Laboratory Management System 1.0 allows admin/category/view_category.php id SQL Injection.2024-08-07
 
N/A--N/A

 
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a remote code execution (RCE) vulnerability.2024-08-06

 
N/A--N/A

 
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain insecure permissions in the endpoint /cgi-bin/glc. This vulnerability allows unauthenticated attackers to execute arbitrary code or possibly a directory traversal via crafted JSON data.2024-08-06

 
N/A--N/A

 
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.2024-08-07


 
n/a--n/a
 
An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter.2024-08-06
 
n/a--n/a
 
A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request from Talk2m for another device, resulting in an availability issue. The issue was patched on the Talk2m production server on April 18, 2024.2024-08-06


 
n/a--n/a
 
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface check_ovpn_client_config.2024-08-06

 
n/a--n/a
 
SQL Injection vulnerability in PuneethReddyHC Online Shopping system advanced v.1.0 allows an attacker to execute arbitrary code via register.php. 2024-08-05
 
n/a--n/a
 
Insecure Permissions vulnerability in UAB Lexita PanteraCRM CMS v.401.152 and Patera CRM CMS v.402.072 allows a remote attacker to execute arbitrary code via modification of the X-Forwarded-For header component.2024-08-05
 
n/a--n/a
 
An issue was discovered in the RunHTTPServer function in Gorush v1.18.4 that allows attackers to intercept and manipulate data due to use of a deprecated TLS version. 2024-08-06
 
n/a--n/a
 
An issue in UAB Lexita PanteraCRM CMS v.401.152 and Patera CRM CMS v.402.072 allows a remote attacker to escalate privileges via the user profile management function.2024-08-05
 
n/a--n/a
 
A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows attackers to execute arbitrary code via a crafted payload.2024-08-06

 
n/a--n/a
 
dzzoffice 2.02.1 is vulnerable to Directory Traversal via user/space/about.php.2024-08-05
 
n/a--n/a
 
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0 SR03, and 4.3.0 SR01 fails to validate symlinks during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.2024-08-08

 
n/a--n/a
 
PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed in minor versions 33.1, 32.3, 31.3, and later, and in major version 34.0 and later. 2024-08-06

 
n/a--n/a
 
mod_css_styles in Roundcube through 1.5.7 and 1.6.x through 1.6.7 insufficiently filters Cascading Style Sheets (CSS) token sequences in rendered e-mail messages, allowing a remote attacker to obtain sensitive information. 2024-08-05




 
n/a--n/a
 
1Password 8 before 8.10.36 for macOS allows local attackers to exfiltrate vault items because XPC inter-process communication validation is insufficient.2024-08-06

 
n/a--PostgreSQL
 
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object creator to execute arbitrary SQL functions as the user running pg_dump, which is often a superuser. The attack involves replacing another relation type with a view or foreign table. The attack requires waiting for pg_dump to start, but winning the race condition is trivial if the attacker retains an open transaction. Versions before PostgreSQL 16.4, 15.8, 14.13, 13.16, and 12.20 are affected.2024-08-08
 
nuxt--icon
 
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. `nuxt/icon` provides an API to allow client side icon lookup. This endpoint is at `/api/_nuxt_icon/[name]`. The proxied request path is improperly parsed, allowing an attacker to change the scheme and host of the request. This leads to SSRF, and could potentially lead to sensitive data exposure. The `new URL` constructor is used to parse the final path. This constructor can be passed a relative scheme or path in order to change the host the request is sent to. This constructor is also very tolerant of poorly formatted URLs. As a result we can pass a path prefixed with the string `http:`. This has the effect of changing the scheme to HTTP. We can then subsequently pass a new host, for example `http:127.0.0.1:8080`. This would allow us to send requests to a local server. This issue has been addressed in release version 1.4.5 and all users are advised to upgrade. There are no known workarounds for this vulnerability.2024-08-05
 
nuxt--nuxt
 
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Nuxt Devtools is missing authentication on the `getTextAssetContent` RPC function, which is vulnerable to path traversal. Combined with a lack of Origin checks on the WebSocket handler, an attacker is able to interact with a locally running devtools instance and exfiltrate data by abusing this vulnerability. In certain configurations an attacker could leak the devtools authentication token and then abuse other RPC functions to achieve RCE. The `getTextAssetContent` function does not check for path traversals, which could allow an attacker to read arbitrary files over the RPC WebSocket. The WebSocket server does not check the origin of the request, leading to cross-site WebSocket hijacking. This may be intentional to allow certain configurations to work correctly. Nuxt Devtools authentication tokens are placed within the home directory of the current user. The malicious webpage can connect to the Devtools WebSocket, perform a directory traversal brute force to find the authentication token, then use the *authenticated* `writeStaticAssets` function to create a new Component, Nitro Handler or `app.vue` file which will run automatically as the file is changed. This vulnerability has been addressed in release version 1.3.9. All users are advised to upgrade. There are no known workarounds for this vulnerability. 2024-08-05





 
nuxt--nuxt
 
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Due to the insufficient validation of the `path` parameter in the NuxtTestComponentWrapper, an attacker can execute arbitrary JavaScript on the server side, which allows them to execute arbitrary commands. Users who open a malicious web page in the browser while running the test locally are affected by this vulnerability, which results in remote code execution from the malicious web page. Since web pages can send requests to arbitrary addresses, a malicious web page can repeatedly try to exploit this vulnerability, which then triggers the exploit when the test server starts. 2024-08-05
 
NVIDIA--GPU Display Driver, vGPU Software, Cloud Gaming
 
NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.2024-08-08
 
NVIDIA--Mellanox OS
 
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter, where improper ipfilter definitions could enable an attacker to cause a failure by attacking the switch. A successful exploit of this vulnerability might lead to denial of service.2024-08-08
 
NVIDIA--NVIDIA Jetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson TX1, Jetson Nano series
 
NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead to denial of service, code execution, and escalation of privileges.2024-08-08
 
Open WebUI--Open WebUI

 
Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability.2024-08-07
 
Pimax--Pimax Play
 
Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker.2024-08-05


 
Qualcomm, Inc.--Snapdragon
 
Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Memory corruption when memory mapped in a VBO is not unmapped by the GPU SMMU.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Memory corruption while processing graphics kernel driver request to create DMA fence.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Memory corruption when kernel driver attempts to trigger hardware fences.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Memory corruption when the mapped pages in VBO are still mapped after reclaiming by shrinker.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Memory corruption while processing IOCTL call to set metainfo.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Memory corruption while allocating memory in HGSL driver.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS during music playback of ALAC content.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS when NAS receives ODAC criteria of length 1 and type 1 in registration accept OTA.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Memory corruption when keymaster operation imports a shared key.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Memory corruption during session sign renewal request calls in HLOS.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while parsing fragments of MBSSID IE from beacon frame.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while parsing ESP IE from beacon/probe response frame.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while parsing the received TID-to-link mapping action frame.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while processing TID-to-link mapping IE elements.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.2024-08-05
 
Raisecom--MSG1200

 
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 and classified as critical. Affected by this issue is the function sslvpn_config_mod of the file /vpn/list_ip_network.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273560. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-05



 
Raisecom--MSG1200

 
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been classified as critical. This affects the function sslvpn_config_mod of the file /vpn/list_service_manage.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273561 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-05



 
Raisecom--MSG1200

 
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been declared as critical. This vulnerability affects the function sslvpn_config_mod of the file /vpn/list_vpn_web_custom.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273562 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-05



 
Raisecom--MSG1200

 
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. It has been rated as critical. This issue affects the function sslvpn_config_mod of the file /vpn/vpn_template_style.php of the component Web Interface. The manipulation of the argument template/stylenum leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273563. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-05



 
Red Hat--Red Hat Enterprise Linux 8
 
A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic.2024-08-05



 
reputeinfosystems--Appointment Booking Calendar Plugin and Scheduling Plugin BookingPress
 
The Appointment Booking Calendar Plugin and Online Scheduling Plugin - BookingPress plugin for WordPress is vulnerable to authentication bypass in versions 1.1.6 to 1.1.7. This is due to the plugin not properly verifying a user's identity prior to logging them in when completing a booking. This makes it possible for unauthenticated attackers to log in as registered users, including administrators, if they have access to that user's email. This is only exploitable when the 'Auto login user after successful booking' setting is enabled.2024-08-08


 
Ricoh Company, Ltd.--JavaTM Platform
 
Initialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver.12.89 and earlier. If this vulnerability is exploited, the product may be affected by some known TLS1.0 and TLS1.1 vulnerabilities. As for the specific products/models/versions of MFPs and printers that contain JavaTM Platform, see the information provided by the vendor.2024-08-06


 
Samsung Mobile--Samsung Notes

 
Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege.2024-08-07
 
Samsung Mobile--Samsung Notes


 
Out-of-bounds write in applying connected information in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege.2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper privilege management in SumeNNService prior to SMR Aug-2024 Release 1 allows local attackers to start privileged service.2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Out-of-bounds write in libcodec2secmp4vdec.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code. 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Out-of-bounds write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to execute arbitrary code. 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper input validation in librtp.so prior to SMR Aug-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.2024-08-07
 
shahriar0822--The Next
 
The The Next theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.0 via deserialization of untrusted input from the wpeden_post_meta post meta value. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.2024-08-08

 
shopware--shopware
 
Shopware, an open ecommerce platform, has a new Twig Tag `sw_silent_feature_call` which silences deprecation messages triggered within this tag. Prior to versions 6.6.5.1 and 6.5.8.13, it accepts as a parameter a string naming the feature flag to silence, but this parameter is not escaped properly, which allows execution of code. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin. 2024-08-08




 
shopware--shopware
 
Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the `context` variable is injected into almost any Twig template and allows access to the current language and currency information. The context object also allows switching the scope of the Context for a short time, as a helper with a callable function. The function can also be called from Twig, and because its second parameter accepts any callable, it is possible to call any statically callable PHP function/method from Twig. A customer cannot provide Twig code; an attacker would require access to Administration to exploit this using Mail templates or App Scripts. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3 and 6.4, corresponding security measures are also available via a plugin. 2024-08-08




 
shopware--shopware
 
Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the `aggregations` object. The `name` field in this `aggregations` object is vulnerable to SQL injection and can be exploited using SQL parameters. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin. 2024-08-08




 
Tenda--A301

 
A vulnerability classified as critical has been found in Tenda A301 15.13.08.12. This affects the function formWifiBasicSet of the file /goform/WifiBasicSet. The manipulation of the argument security leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-07



 
Tenda--i22
 
A vulnerability classified as critical was found in Tenda i22 1.0.0.3(4687). This vulnerability affects the function formApPortalAccessCodeAuth of the file /goform/apPortalAccessCodeAuth. The manipulation of the argument accessCode/data/acceInfo leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-07



 
Tenda--i22

 
A vulnerability, which was classified as critical, has been found in Tenda i22 1.0.0.3(4687). This issue affects the function formApPortalOneKeyAuth of the file /goform/apPortalOneKeyAuth. The manipulation of the argument data leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-07



 
Tenda--i22
 
A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). Affected is the function formApPortalPhoneAuth of the file /goform/apPortalPhoneAuth. The manipulation of the argument data leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-07



 
Tenda--i22
 
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. Affected by this vulnerability is the function formApPortalWebAuth of the file /goform/apPortalAuth. The manipulation of the argument webUserName/webUserPassword leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-07



 
The Document Foundation--LibreOffice
 
Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5. 2024-08-05
 
thimpress--LearnPress WordPress LMS Plugin
 
The LearnPress - WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'order' parameter in all versions up to, and including, 4.2.6.9.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.2024-08-08





 
TOTOLINK--CP450
 
A vulnerability, which was classified as critical, was found in TOTOLINK CP450 4.1.0cu.747_B20191224. Affected is the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-273558 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-05



 
TOTOLINK--CP900
 
A vulnerability classified as critical was found in TOTOLINK CP900 6.3c.566. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273556. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-05



 
TOTOLINK--N350RT
 
A vulnerability classified as critical has been found in TOTOLINK N350RT 9.3.5u.6139_B20201216. This affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273555. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-05



 
unitecms--Blox Page Builder
 
The Blox Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handleUploadFile' function in all versions up to, and including, 1.0.65. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.2024-08-06

 
Unknown--Himer
 
The lacks CSRF checks allowing a user to invite any user to any group (including private groups)2024-08-05
 
Unknown--Product

 
The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks. 2024-08-06
 
Vonets--VAR1200-H
 
Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and WiFi bridge repeaters, software versions 3.3.23.6.9 and prior, enables an unauthenticated remote attacker to bypass authentication using hard-coded administrator credentials. These accounts cannot be disabled.2024-08-08
 
vrcx-team--VRCX
 
VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site scripting via overlay notification can be combined to result in remote command execution. These vulnerabilities are patched in VRCX 2023.12.24. In addition to the patch, VRCX maintainers worked with the VRC team and blocked the older version of VRCX on the VRC's API side. Users who use the older version of VRCX must update their installation to continue using VRCX.2024-08-08

 
Webnus--Modern Events Calendar
 
The Modern Events Calendar plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.12.1 via the 'mec_fes_form' AJAX function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.2024-08-07



 
wpbakery--WPBakery Visual Composer
 
The WPBakery Visual Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.7 via the 'layout_name' parameter. This makes it possible for authenticated attackers, with Author-level access and above, and with post permissions granted by an Administrator, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other "safe" file types can be uploaded and included.2024-08-06

 
Zscaler--Client Connector

 
An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command Injection. This issue affects Zscaler Client Connector on MacOS <4.2. 2024-08-06
 
Zscaler--Client Connector

 
Anti-tampering can be disabled under certain conditions without signature validation. This affects Zscaler Client Connector <4.2.0.190 with anti-tampering enabled.2024-08-06
 
Zscaler--Client Connector

 
While copying individual autoupdater log files, a reparse point check was missing, which could result in crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows <4.2.0.190. 2024-08-06
 
Zscaler--Client Connector

 
The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to be locally executed. This affects Zscaler Client Connector on MacOS <4.2. 2024-08-06
 
ZTE--ZXV10 XT802
 
There is a permission and access control vulnerability in ZTE's ZXV10 XT802/ET301 product. Attackers with common permissions can log in to the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords. 2024-08-08
 


Medium Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source Info | Patch Info
Alien Technology--ALR-F800
 
A vulnerability was found in Alien Technology ALR-F800 up to 19.10.24.00. It has been declared as critical. Affected by this vulnerability is the function popen of the file /var/www/cgi-bin/upgrade.cgi of the component File Name Handler. The manipulation of the argument uploadedFile leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.2024-08-07



 
AMD--3rd Gen AMD EPYC Processors
 
Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.2024-08-05
 
AMD--3rd Gen AMD EPYC Processors
 
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.2024-08-05
 
ameliabooking--Booking for Appointments and Events Calendar Amelia
 
The Booking for Appointments and Events Calendar - Amelia plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2. This is due to the plugin utilizing Symfony and leaving display_errors on within test files. This makes it possible for unauthenticated attackers to retrieve the full path of the web application, which can be used to aid other attacks. The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website.2024-08-08


 
Avaya--Aura System Manager
 
A SQL injection vulnerability was found which could allow a command line interface (CLI) user with administrative privileges to execute arbitrary queries against the Avaya Aura System Manager database. Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer support. 2024-08-08
 
Avaya--Aura System Manager
 
An Improper access control vulnerability was found in Avaya Aura System Manager which could allow a command-line interface (CLI) user with administrative privileges to read arbitrary files on the system. Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer support.2024-08-08
 
bradvin--Lightbox & Modal Popup WordPress Plugin FooBox
 
The Lightbox & Modal Popup WordPress Plugin - FooBox plugin for WordPress is vulnerable to DOM-based Stored Cross-Site Scripting via HTML data attributes in all versions up to, and including, 2.7.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.2024-08-08

 
Calibre--Calibre
 
Unsanitized user input in Calibre <= 7.15.0 allows attackers to perform reflected cross-site scripting. 2024-08-06

 
Calibre--Calibre
 
Unsanitized user input in Calibre <= 7.15.0 allows users with permissions to perform full-text searches to achieve SQL injection on the SQLite database. 2024-08-06

 
Cisco--Cisco Adaptive Security Appliance (ASA) Software
 
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device.2024-08-07
 
Cisco--Cisco Identity Services Engine Software
 
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have Admin privileges on an affected device.2024-08-07
 
daniyalahmedk--Fuse Social Floating Sidebar
 
The Fuse Social Floating Sidebar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the file upload functionality in all versions up to, and including, 5.4.10 due to insufficient validation of SVG files. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.2024-08-08



 
Dell--Dell Update (DU)
 
Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service.2024-08-06
 
Dorsett Controls--InfoScan
 
Dorsett Controls Central Server update server has potential information leaks with an unprotected file that contains passwords and API keys.2024-08-08

 
Dorsett Controls--InfoScan
 
The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which could lead to additional information exposure.2024-08-08

 
Dorsett Controls--InfoScan
 
Dorsett Controls InfoScan is vulnerable due to a leak of possible sensitive information through the response headers and the rendered JavaScript prior to user login.
2024-08-08

 
galdub--Folders Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager
 
The Folders - Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
2024-08-06




 
GitLab--GitLab
 
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all versions from 11.3 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allows denial of service via Regex backtracking.
2024-08-08

 
GitLab--GitLab
 
A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories.
2024-08-08

 
GitLab--GitLab
 
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 12.6 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause a denial of service using crafted adoc files.
2024-08-08

 
GitLab--GitLab
 
Multiple Denial of Service (DoS) conditions have been discovered in GitLab CE/EE affecting all versions starting from 1.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2 which allowed an attacker to cause resource exhaustion via banzai pipeline.
2024-08-08

 
GitLab--GitLab
 
An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone to abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into cloning non-trusted code.
2024-08-08

 
GitLab--GitLab
 
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which causes the web interface to fail to render the diff correctly when the path is encoded.
2024-08-08

 
GitLab--GitLab
 
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2, where the processing logic for parsing invalid commits can lead to a regular expression DoS attack on the server.
2024-08-08

 
GitLab--GitLab
 
A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2. When viewing an XML file in a repository in raw mode, it can be made to render as HTML if viewed under specific circumstances.
2024-08-08

 
GitLab--GitLab
 
An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1 before 17.1.4 and 17.2 before 17.2.2 that allowed bypassing the password re-entry requirement to approve a policy.
2024-08-08

 
GitLab--GitLab
 
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.0.6, all versions starting from 17.1 before 17.1.4, all versions starting from 17.2 before 17.2.2. Under certain conditions, access tokens may have been logged when an API request was made in a specific manner.
2024-08-08
 
GitLab--GitLab
 
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause catastrophic backtracking while parsing results from Elasticsearch.
2024-08-08
 
Google--Chrome

 
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
2024-08-06

 
Google--Chrome

 
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
2024-08-06

 
Google--Chrome

 
Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
2024-08-06

 
Google--Chrome

 
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low)
2024-08-06

 
Google--Chrome

 
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low)
2024-08-06

 
Google--Chrome

 
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
2024-08-06

 
Halo Service Solutions--HaloITSM
 
HaloITSM versions up to 2.146.1 are affected by a Template Injection vulnerability within the engine used to generate emails. This can lead to the leakage of potentially sensitive information. HaloITSM versions past 2.146.1 (and patches starting from 2.143.61) fix the mentioned vulnerability.
2024-08-06
 
Hewlett Packard Enterprise (HPE)--HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10
 
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
2024-08-06
 
Hewlett Packard Enterprise (HPE)--HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10
 
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
2024-08-06
 
Hewlett Packard Enterprise--HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10
 
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
2024-08-06
 
Hewlett Packard Enterprise--HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10
 
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
2024-08-06
 
Hewlett Packard Enterprise--HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10
 
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
2024-08-06
 
Hitachi--Hitachi Device Manager
 
Unquoted Executable Path vulnerability in Hitachi Device Manager on Windows (Device Manager Server component). This issue affects Hitachi Device Manager: before 8.8.7-00.
2024-08-06
 
Huawei--HarmonyOS
 
Access permission verification vulnerability in the content sharing pop-up module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
2024-08-08
 
Huawei--HarmonyOS
 
Access control vulnerability in the security verification module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
2024-08-08
 
Huawei--HarmonyOS
 
LaunchAnywhere vulnerability in the account module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
2024-08-08
 
Huawei--HarmonyOS
 
Permission verification vulnerability in the lock screen module. Impact: Successful exploitation of this vulnerability may affect availability.
2024-08-08
 
Huawei--HarmonyOS
 
Access permission verification vulnerability in the Contacts module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
2024-08-08
 
IBM--InfoSphere Information Server
 
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 297429.
2024-08-06

 
itsourcecode--Airline Reservation System
 
A vulnerability has been found in itsourcecode Airline Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273622 is the identifier assigned to this vulnerability.
2024-08-06



 
itsourcecode--Airline Reservation System
 
A vulnerability was found in itsourcecode Airline Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273623.
2024-08-06



 
itsourcecode--Airline Reservation System
 
A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file flights.php. The manipulation of the argument departure_airport_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273625 was assigned to this vulnerability.
2024-08-06



 
itsourcecode--Airline Reservation System
 
A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been rated as critical. Affected by this issue is the function save_settings of the file admin/admin_class.php. The manipulation of the argument img leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-273626 is the identifier assigned to this vulnerability.
2024-08-06



 
itsourcecode--Laravel Accounting System
 
A vulnerability, which was classified as critical, was found in itsourcecode Laravel Accounting System 1.0. This affects an unknown part of the file app/Http/Controllers/HomeController.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273621 was assigned to this vulnerability.
2024-08-06



 
itsourcecode--Tailoring Management System
 
A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /setlogo.php. The manipulation of the argument bgimg leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273649 was assigned to this vulnerability.
2024-08-06



 
Journyx--Journyx (jtime)
 
Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the context of the Journyx web application.
2024-08-08
 
kubean-io--kubean
 
Kubean is a cluster lifecycle management toolchain based on kubespray and other cluster LCM engines. The ClusterRole has `*` verbs of `*` resources. If a malicious user can access the worker node which has kubean's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster, resulting in a cluster-level privilege escalation. This issue has been addressed in release version 0.18.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
2024-08-05


 
leap13--Premium Addons for Elementor
 
The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'check_temp_validity' and 'update_template_title' functions in all versions up to, and including, 4.10.38. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary content and update post and page titles.
2024-08-08



 
Linux--Linux

In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE
blk_queue_max_segment_size() ensured:
    if (max_size < PAGE_SIZE)
        max_size = PAGE_SIZE;
whereas:
blk_validate_limits() makes it an error:
    if (WARN_ON_ONCE(lim->max_segment_size < PAGE_SIZE))
        return -EINVAL;
The change from one to the other, exposed sdhci which was setting maximum segment size too low in some circumstances. Fix the maximum segment size when it is too low.
2024-08-07

 
Linux--Linux
 
In the Linux kernel, the following vulnerability has been resolved: libceph: fix race between delayed_work() and ceph_monc_stop()
The way the delayed work is handled in ceph_monc_stop() is prone to races with mon_fault() and possibly also finish_hunting(). Both of these can requeue the delayed work which wouldn't be canceled by any of the following code in case that happens after cancel_delayed_work_sync() runs -- __close_session() doesn't mess with the delayed work in order to avoid interfering with the hunting interval logic. This part was missed in commit b5d91704f53e ("libceph: behave in mon_fault() if cur_mon < 0") and use-after-free can still ensue on monc and objects that hang off of it, with monc->auth and monc->monmap being particularly susceptible to quickly being reused.
To fix this:
- clear monc->cur_mon and monc->hunting as part of closing the session in ceph_monc_stop()
- bail from delayed_work() if monc->cur_mon is cleared, similar to how it's done in mon_fault() and finish_hunting() (based on monc->hunting)
- call cancel_delayed_work_sync() after the session is closed
2024-08-07







 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: mm: fix crashes from deferred split racing folio migration
Even on 6.10-rc6, I've been seeing elusive "Bad page state"s (often on flags when freeing, yet the flags shown are not bad: PG_locked had been set and cleared??), and VM_BUG_ON_PAGE(page_ref_count(page) == 0)s from deferred_split_scan()'s folio_put(), and a variety of other BUG and WARN symptoms implying double free by deferred split and large folio migration. 6.7 commit 9bcef5973e31 ("mm: memcg: fix split queue list crash when large folio migration") was right to fix the memcg-dependent locking broken in 85ce2c517ade ("memcontrol: only transfer the memcg data for migration"), but missed a subtlety of deferred_split_scan(): it moves folios to its own local list to work on them without split_queue_lock, during which time folio->_deferred_list is not empty, but even the "right" lock does nothing to secure the folio and the list it is on. Fortunately, deferred_split_scan() is careful to use folio_try_get(): so folio_migrate_mapping() can avoid the race by folio_undo_large_rmappable() while the old folio's reference count is temporarily frozen to 0 - adding such a freeze in the !mapping case too (originally, folio lock and unmapping and no swap cache left an anon folio unreachable, so no freezing was needed there: but the deferred split queue offers a way to reach it).
2024-08-07

 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: s390/mm: Add NULL pointer check to crst_table_free() base_crst_free()
crst_table_free() used to work with NULL pointers before the conversion to ptdescs. Since crst_table_free() can be called with a NULL pointer (error handling in crst_table_upgrade()) add an explicit check. Also add the same check to base_crst_free() for consistency reasons. In real life this should not happen, since order two GFP_KERNEL allocations will not fail, unless FAIL_PAGE_ALLOC is enabled and used.
2024-08-07


 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()
Userspace provided string 's' could trivially have the length zero. Left unchecked this will firstly result in an OOB read in the form `if (str[0 - 1] == '\n')` followed closely by an OOB write in the form `str[0 - 1] = '\0'`. There is already a validating check to catch strings that are too long. Let's supply an additional check for invalid strings that are too short.
2024-08-07







 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Validate payload length before processing block
Move the payload length check in cs_dsp_load() and cs_dsp_coeff_load() to be done before the block is processed. The check that the length of a block payload does not exceed the number of remaining bytes in the firmware file buffer was being done near the end of the loop iteration. However, some code before that check used the length field without validating it.
2024-08-07



 
Linux--Linux
 
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Return error if block header overflows file
Return an error from cs_dsp_power_up() if a block header is longer than the amount of data left in the file. The previous code in cs_dsp_load() and cs_dsp_load_coeff() would loop while there was enough data left in the file for a valid region. This protected against overrunning the end of the file data, but it didn't abort the file processing with an error.
2024-08-07



 
Linux--Linux
 
In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpf_timer_cancel when callback is being cancelled
Given a schedule:
    timer1 cb                    timer2 cb
    bpf_timer_cancel(timer2);    bpf_timer_cancel(timer1);
Both bpf_timer_cancel calls would wait for the other callback to finish executing, introducing a lockup. Add an atomic_t count named 'cancelling' in bpf_hrtimer. This keeps track of all in-flight cancellation requests for a given BPF timer. Whenever cancelling a BPF timer, we must check if we have outstanding cancellation requests, and if so, we must fail the operation with an error (-EDEADLK) since cancellation is synchronous and waits for the callback to finish executing. This implies that we can enter a deadlock situation involving two or more timer callbacks executing in parallel and attempting to cancel one another. Note that we avoid incrementing the cancelling counter for the target timer (the one being cancelled) if bpf_timer_cancel is not invoked from a callback, to avoid spurious errors. The whole point of detecting cur->cancelling and returning -EDEADLK is to not enter a busy wait loop (which may or may not lead to a lockup). This does not apply in case the caller is in a non-callback context, the other side can continue to cancel as it sees fit without running into errors.
Background on prior attempts: Earlier versions of this patch used a bool 'cancelling' bit and used the following pattern under timer->lock to publish cancellation status.
    lock(t->lock);
    t->cancelling = true;
    mb();
    if (cur->cancelling)
        return -EDEADLK;
    unlock(t->lock);
    hrtimer_cancel(t->timer);
    t->cancelling = false;
The store outside the critical section could overwrite a parallel requests t->cancelling assignment to true, to ensure the parallely executing callback observes its cancellation status. It would be necessary to clear this cancelling bit once hrtimer_cancel is done, but lack of serialization introduced races.
Another option was explored where bpf_timer_start would clear the bit when (re)starting the timer under timer->lock. This would ensure serialized access to the cancelling bit, but may allow it to be cleared before in-flight hrtimer_cancel has finished executing, such that lockups can occur again. Thus, we choose an atomic counter to keep track of all outstanding cancellation requests and use it to prevent lockups in case callbacks attempt to cancel each other while executing in parallel.
2024-08-07


 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: x86/bhi: Avoid warning in #DB handler due to BHI mitigation
When BHI mitigation is enabled, if SYSENTER is invoked with the TF flag set then entry_SYSENTER_compat() uses CLEAR_BRANCH_HISTORY and calls the clear_bhb_loop() before the TF flag is cleared. This causes the #DB handler (exc_debug_kernel()) to issue a warning because single-step is used outside the entry_SYSENTER_compat() function. To address this issue, entry_SYSENTER_compat() should use CLEAR_BRANCH_HISTORY after making sure the TF flag is cleared.
The problem can be reproduced with the following sequence:
    $ cat sysenter_step.c
    int main() { asm("pushf; pop %ax; bts $8,%ax; push %ax; popf; sysenter"); }
    $ gcc -o sysenter_step sysenter_step.c
    $ ./sysenter_step
    Segmentation fault (core dumped)
The program is expected to crash, and the #DB handler will issue a warning.
Kernel log:
    WARNING: CPU: 27 PID: 7000 at arch/x86/kernel/traps.c:1009 exc_debug_kernel+0xd2/0x160
    ...
    RIP: 0010:exc_debug_kernel+0xd2/0x160
    ...
    Call Trace:
    <#DB>
    ? show_regs+0x68/0x80
    ? __warn+0x8c/0x140
    ? exc_debug_kernel+0xd2/0x160
    ? report_bug+0x175/0x1a0
    ? handle_bug+0x44/0x90
    ? exc_invalid_op+0x1c/0x70
    ? asm_exc_invalid_op+0x1f/0x30
    ? exc_debug_kernel+0xd2/0x160
    exc_debug+0x43/0x50
    asm_exc_debug+0x1e/0x40
    RIP: 0010:clear_bhb_loop+0x0/0xb0
    ...
    </#DB>
    <TASK>
    ? entry_SYSENTER_compat_after_hwframe+0x6e/0x8d
    </TASK>
[ bp: Massage commit message. ]
2024-08-07




 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: mm/shmem: disable PMD-sized page cache if needed For shmem files, it's possible that PMD-sized page cache can't be supported by xarray. For example, 512MB page cache on ARM64 when the base page size is 64KB can't be supported by xarray. It leads to errors as the following messages indicate when this sort of xarray entry is split. WARNING: CPU: 34 PID: 7578 at lib/xarray.c:1025 xas_split_alloc+0xf8/0x128 Modules linked in: binfmt_misc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 \ nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject \ nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 \ ip_set rfkill nf_tables nfnetlink vfat fat virtio_balloon drm fuse xfs \ libcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 sha1_ce virtio_net \ net_failover virtio_console virtio_blk failover dimlib virtio_mmio CPU: 34 PID: 7578 Comm: test Kdump: loaded Tainted: G W 6.10.0-rc5-gavin+ #9 Hardware name: QEMU KVM Virtual Machine, BIOS edk2-20240524-1.el9 05/24/2024 pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) pc : xas_split_alloc+0xf8/0x128 lr : split_huge_page_to_list_to_order+0x1c4/0x720 sp : ffff8000882af5f0 x29: ffff8000882af5f0 x28: ffff8000882af650 x27: ffff8000882af768 x26: 0000000000000cc0 x25: 000000000000000d x24: ffff00010625b858 x23: ffff8000882af650 x22: ffffffdfc0900000 x21: 0000000000000000 x20: 0000000000000000 x19: ffffffdfc0900000 x18: 0000000000000000 x17: 0000000000000000 x16: 0000018000000000 x15: 52f8004000000000 x14: 0000e00000000000 x13: 0000000000002000 x12: 0000000000000020 x11: 52f8000000000000 x10: 52f8e1c0ffff6000 x9 : ffffbeb9619a681c x8 : 0000000000000003 x7 : 0000000000000000 x6 : ffff00010b02ddb0 x5 : ffffbeb96395e378 x4 : 0000000000000000 x3 : 0000000000000cc0 x2 : 000000000000000d x1 : 000000000000000c x0 : 0000000000000000 Call trace: xas_split_alloc+0xf8/0x128 split_huge_page_to_list_to_order+0x1c4/0x720 
truncate_inode_partial_folio+0xdc/0x160 shmem_undo_range+0x2bc/0x6a8 shmem_fallocate+0x134/0x430 vfs_fallocate+0x124/0x2e8 ksys_fallocate+0x4c/0xa0 __arm64_sys_fallocate+0x24/0x38 invoke_syscall.constprop.0+0x7c/0xd8 do_el0_svc+0xb4/0xd0 el0_svc+0x44/0x1d8 el0t_64_sync_handler+0x134/0x150 el0t_64_sync+0x17c/0x180
Fix it by disabling PMD-sized page cache when HPAGE_PMD_ORDER is larger than MAX_PAGECACHE_ORDER. As Matthew Wilcox pointed, the page cache in a shmem file isn't represented by a multi-index entry and doesn't have this limitation when the xarray entry is split until commit 6b24ca4a1a8d ("mm: Use multi-index entries in the page cache").
2024-08-07


 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray
Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from the WARN_ON() statement in xas_split_alloc(). In our test whose code is attached below, we hit the WARN_ON() on ARM64 system where the base page size is 64KB and huge page size is 512MB. The issue was reported long time ago and some discussions on it can be found here [1].
[1] https://www.spinics.net/lists/linux-xfs/msg75404.html
In order to fix the issue, we need to adjust MAX_PAGECACHE_ORDER to one supported by xarray and avoid PMD-sized page cache if needed. The code changes are suggested by David Hildenbrand.
PATCH[1] adjusts MAX_PAGECACHE_ORDER to that supported by xarray
PATCH[2-3] avoids PMD-sized page cache in the synchronous readahead path
PATCH[4] avoids PMD-sized page cache for shmem files if needed
Test program
============
    # cat test.c
    #define _GNU_SOURCE
    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>
    #include <string.h>
    #include <fcntl.h>
    #include <errno.h>
    #include <sys/syscall.h>
    #include <sys/mman.h>

    #define TEST_XFS_FILENAME   "/tmp/data"
    #define TEST_SHMEM_FILENAME "/dev/shm/data"
    #define TEST_MEM_SIZE       0x20000000

    int main(int argc, char **argv)
    {
        const char *filename;
        int fd = 0;
        void *buf = (void *)-1, *p;
        int pgsize = getpagesize();
        int ret;

        if (pgsize != 0x10000) {
            fprintf(stderr, "64KB base page size is required\n");
            return -EPERM;
        }

        system("echo force > /sys/kernel/mm/transparent_hugepage/shmem_enabled");
        system("rm -fr /tmp/data");
        system("rm -fr /dev/shm/data");
        system("echo 1 > /proc/sys/vm/drop_caches");

        /* Open xfs or shmem file */
        filename = TEST_XFS_FILENAME;
        if (argc > 1 && !strcmp(argv[1], "shmem"))
            filename = TEST_SHMEM_FILENAME;

        /* open() needs a mode argument whenever O_CREAT is set */
        fd = open(filename, O_CREAT | O_RDWR | O_TRUNC, 0600);
        if (fd < 0) {
            fprintf(stderr, "Unable to open <%s>\n", filename);
            return -EIO;
        }

        /* Extend file size */
        ret = ftruncate(fd, TEST_MEM_SIZE);
        if (ret) {
            fprintf(stderr, "Error %d to ftruncate()\n", ret);
            goto cleanup;
        }

        /* Create VMA */
        buf = mmap(NULL, TEST_MEM_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
        if (buf == (void *)-1) {
            fprintf(stderr, "Unable to mmap <%s>\n", filename);
            goto cleanup;
        }

        fprintf(stdout, "mapped buffer at 0x%p\n", buf);
        ret = madvise(buf, TEST_MEM_SIZE, MADV_HUGEPAGE);
        if (ret) {
            fprintf(stderr, "Unable to madvise(MADV_HUGEPAGE)\n");
            goto cleanup;
        }

        /* Populate VMA */
        ret = madvise(buf, TEST_MEM_SIZE, MADV_POPULATE_WRITE);
        if (ret) {
            fprintf(stderr, "Error %d to madvise(MADV_POPULATE_WRITE)\n", ret);
            goto cleanup;
        }

        /* Punch the file to enforce xarray split */
        ret = fallocate(fd, FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE,
                        TEST_MEM_SIZE - pgsize, pgsize);
        if (ret)
            fprintf(stderr, "Error %d to fallocate()\n", ret);

    cleanup:
        if (buf != (void *)-1)
            munmap(buf, TEST_MEM_SIZE);
        if (fd > 0)
            close(fd);

        return 0;
    }

    # gcc test.c -o test
    # cat /proc/1/smaps | grep KernelPageSize | head -n 1
    KernelPageSize: 64 kB
    # ./test shmem
    :
    ------------[ cut here ]------------
    WARNING: CPU: 17 PID: 5253 at lib/xarray.c:1025 xas_split_alloc+0xf8/0x128
    Modules linked in: nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib \
    nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct \
    nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 \
    ip_set nf_tables rfkill nfnetlink vfat fat virtio_balloon \
    drm fuse xfs libcrc32c crct10dif_ce ghash_ce sha2_ce sha256_arm64 \
    virtio_net sha1_ce net_failover failover virtio_console virtio_blk \
    dimlib virtio_mmio
    CPU: 17 PID: 5253 Comm: test Kdump: loaded Tainted: G W 6.10.0-rc5-gavin+ #12
    Hardware name: QEMU KVM Virtual Machine, BIOS edk2-20240524-1.el9 05/24/2024
    pstate: 83400005 (Nzcv daif +PAN -UAO +TC ---truncated---
2024-08-07


 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: USB: serial: mos7840: fix crash on resume
Since commit c49cfa917025 ("USB: serial: use generic method if no alternative is provided in usb serial layer"), USB serial core calls the generic resume implementation when the driver has not provided one. This can trigger a crash on resume with mos7840 since support for multiple read URBs was added back in 2011. Specifically, both port read URBs are now submitted on resume for open ports, but the context pointer of the second URB is left set to the core rather than mos7840 port structure. Fix this by implementing dedicated suspend and resume functions for mos7840. Tested with Delock 87414 USB 2.0 to 4x serial adapter.
[ johan: analyse crash and rewrite commit message; set busy flag on resume; drop bulk-in check; drop unnecessary usb_kill_urb() ]
2024-08-07





 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: Revert "sched/fair: Make sure to try to detach at least one movable task"
This reverts commit b0defa7ae03ecf91b8bfd10ede430cff12fcbd06.
b0defa7ae03ec changed the load balancing logic to ignore env.max_loop if all tasks examined to that point were pinned. The goal of the patch was to make it more likely to be able to detach a task buried in a long list of pinned tasks. However, this has the unfortunate side effect of creating an O(n) iteration in detach_tasks(), as we now must fully iterate every task on a cpu if all or most are pinned. Since this load balance code is done with rq lock held, and often in softirq context, it is very easy to trigger hard lockups. We observed such hard lockups with a user who affined O(10k) threads to a single cpu.
When I discussed this with Vincent he initially suggested that we keep the limit on the number of tasks to detach, but increase the number of tasks we can search. However, after some back and forth on the mailing list, he recommended we instead revert the original patch, as it seems likely no one was actually getting hit by the original issue.
2024-08-07



 
Linux--Linux
 
In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket
When using a BPF program on kernel_connect(), the call can return -EPERM. This causes xs_tcp_setup_socket() to loop forever, filling up the syslog and causing the kernel to potentially freeze up.
Neil suggested: This will propagate -EPERM up into other layers which might not be ready to handle it. It might be safer to map EPERM to an error we would be more likely to expect from the network system - such as ECONNREFUSED or ENETDOWN.
ECONNREFUSED as error seems reasonable. For programs setting a different error can be out of reach (see handling in 4fbac77d2d09) in particular on kernels which do not have f10d05966196 ("bpf: Make BPF_PROG_RUN_ARRAY return -err instead of allow boolean"), thus given that it is better to simply remap for consistent behavior. UDP does handle EPERM in xs_udp_send_request().
2024-08-07



 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: wireguard: allowedips: avoid unaligned 64-bit memory accesses On the parisc platform, the kernel issues kernel warnings because swap_endian() tries to load a 128-bit IPv6 address from an unaligned memory location: Kernel: unaligned access to 0x55f4688c in wg_allowedips_insert_v6+0x2c/0x80 [wireguard] (iir 0xf3010df) Kernel: unaligned access to 0x55f46884 in wg_allowedips_insert_v6+0x38/0x80 [wireguard] (iir 0xf2010dc) Avoid such unaligned memory accesses by instead using the get_unaligned_be64() helper macro. [Jason: replace src[8] in original patch with src+8]
Published: 2024-08-07





 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: tty: serial: ma35d1: Add a NULL check for of_node The pdev->dev.of_node can be NULL if the "serial" node is absent. Add a NULL check to return an error in such cases.
Published: 2024-08-07


 
Linux--Linux
 
In the Linux kernel, the following vulnerability has been resolved: cachefiles: add missing lock protection when polling Add missing lock protection in poll routine when iterating xarray, otherwise: Even with RCU read lock held, only the slot of the radix tree is ensured to be pinned there, while the data structure (e.g. struct cachefiles_req) stored in the slot has no such guarantee. The poll routine will iterate the radix tree and dereference cachefiles_req accordingly. Thus RCU read lock is not adequate in this case and spinlock is needed here.
Published: 2024-08-07



 
Logsign--Unified SecOps Platform

 
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the get_response_json_result endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-24680.
Published: 2024-08-06
 
mailcow--mailcow-dockerized
 
mailcow: dockerized is an open source groupware/email suite based on docker. A vulnerability has been discovered in the two-factor authentication (2FA) mechanism. This flaw allows an authenticated attacker to bypass the 2FA protection, enabling unauthorized access to other accounts that are otherwise secured with 2FA. To exploit this vulnerability, the attacker must first have access to an account within the system and possess the credentials of the target account that has 2FA enabled. By leveraging these credentials, the attacker can circumvent the 2FA process and gain access to the protected account. This issue has been addressed in the `2024-07` release. All users are advised to upgrade. There are no known workarounds for this vulnerability.
Published: 2024-08-05

 
michaelrsweet--pdfio
 
PDFio is a simple C library for reading and writing PDF files. There is a denial of service (DOS) vulnerability in the TTF parser. Maliciously crafted TTF files can cause the program to utilize 100% of the memory and enter an infinite loop. This can also lead to a heap-buffer-overflow vulnerability. An infinite loop occurs in the read_camp function, driven by the nGroups value. The ttf.h library is vulnerable. A value called nGroups is extracted from the file, and by changing that value, you can cause the program to utilize 100% of the memory and enter an infinite loop. If the value of nGroups in the file is small, an infinite loop will not occur. This library, whether used as a standalone binary or as part of another application, is vulnerable to DOS attacks when parsing certain types of files. Automated systems, including web servers that use this code to convert PDF submissions into plaintext, can be DOSed if an attacker uploads a malicious TTF file. This issue has been addressed in release version 1.3.1. All users are advised to upgrade. There are no known workarounds for this vulnerability.
Published: 2024-08-06

 
Microsoft--Windows 10 Version 1809
 
Summary: Microsoft was notified that an elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security (VBS) including a subset of Azure Virtual Machine SKUs; enabling an attacker with administrator privileges to replace current versions of Windows system files with outdated versions. By exploiting this vulnerability, an attacker could reintroduce previously mitigated vulnerabilities, circumvent some features of VBS, and exfiltrate data protected by VBS. For more information on Windows versions and VM SKUs supporting VBS, reference: Virtualization-based Security (VBS) | Microsoft Learn. Microsoft is developing a security update to mitigate this vulnerability, but it is not yet available. Guidance to help customers reduce the risks associated with this vulnerability and to protect their systems until the mitigation is available in a Windows security update is provided in the Recommended Actions section of this CVE. This CVE will be updated when the mitigation is available in a Windows security update. We highly encourage customers to subscribe to Security Update Guide notifications to receive an alert when this update occurs.

Details: A security researcher informed Microsoft of an elevation of privilege vulnerability in Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, Windows Server 2022, and a subset of Azure Virtual Machines (VM) SKUs with a Windows based guestOS supporting VBS. For more information on Windows versions and VM SKUs supporting VBS, reference: Virtualization-based Security (VBS) | Microsoft Learn. The vulnerability enables an attacker with administrator privileges on the target system to replace current Windows system files with outdated versions. Successful exploitation provides an attacker with the ability to reintroduce previously mitigated vulnerabilities, circumvent VBS security features, and exfiltrate data protected by VBS. Microsoft is developing a security update that will revoke outdated, unpatched VBS system files to mitigate this vulnerability, but it is not yet available. Due to the complexity of blocking such a large quantity of files, rigorous testing is required to avoid integration failures or regressions. This CVE will be updated with new information and links to the security updates once available. We highly encourage customers to subscribe to Security Update Guide notifications to be alerted of updates. See Microsoft Technical Security Notifications and Security Update Guide Notification System News: Create your profile now - Microsoft Security Response Center. Microsoft is not aware of any attempts to exploit this vulnerability. However, a public presentation regarding this vulnerability was hosted at BlackHat on August 07th, 2024. The presentation was appropriately coordinated with Microsoft but may change the threat landscape. Customers concerned with these risks should reference the guidance provided in the Recommended Actions section of this CVE to protect their systems.

Recommended Actions: The following recommendations do not mitigate the vulnerability but can be used to reduce the risk of exploitation until the security update is available.
  • Configure "Audit Object Access" settings to monitor attempts to access files, such as handle creation, read / write operations, or modifications to security descriptors. References: Audit File System - Windows 10 | Microsoft Learn; Apply a basic audit policy on a file or folder - Windows 10 | Microsoft Learn.
  • Auditing sensitive privileges used to identify access, modification, or replacement of VBS related files could help indicate attempts to exploit this vulnerability. Reference: Audit Sensitive Privilege Use - Windows 10 | Microsoft Learn.
  • Protect your Azure tenant by investigating administrators and users flagged for risky sign-ins and rotating their credentials. Reference: Investigate risk Microsoft Entra ID Protection - Microsoft Entra ID Protection | Microsoft Learn.
  • Enabling Multi-Factor Authentication can also help alleviate concerns about compromised accounts or exposure. Enforce multifactor...
Published: 2024-08-08
 
N/A -- N/A

 
A Reflected Cross Site Scripting (XSS) vulnerability was found in "/smsa/teacher_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter.
Published: 2024-08-07
 
N/A -- N/A

 
A Reflected Cross Site Scripting (XSS) vulnerability was found in "/smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter.
Published: 2024-08-07
 
N/A -- N/A

 
A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter.
Published: 2024-08-07

 
N/A -- N/A

 
An Incorrect Access Control vulnerability was found in /smsa/admin_teacher_register_approval.php and /smsa/admin_teacher_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve Teacher registration.
Published: 2024-08-07
 
N/A -- N/A

 
An Incorrect Access Control vulnerability was found in /smsa/admin_student_register_approval.php and /smsa/admin_student_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view and approve student registration.
Published: 2024-08-07

 
N/A -- N/A

 
A reflected cross-site scripting (XSS) vulnerability in Phpgurukul Tourism Management System v2.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the uname parameter.
Published: 2024-08-06

 
N/A -- N/A

 
An Incorrect Access Control vulnerability was found in /smsa/view_marks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details.
Published: 2024-08-07

 
N/A -- N/A

 
An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details.
Published: 2024-08-07
 
N/A -- N/A

 
An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details.
Published: 2024-08-07

 
N/A -- N/A

 
An Incorrect Access Control vulnerability was found in /smsa/admin_dashboard.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view the administrator dashboard.
Published: 2024-08-07
 
N/A -- N/A

 
An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa/add_class_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new class entry.
Published: 2024-08-07
 
N/A -- N/A

 
An Incorrect Access Control vulnerability was found in /smsa/add_subject.php and /smsa/add_subject_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new subject entry.
Published: 2024-08-07
 
N/A -- N/A

 
An Incorrect Access Control vulnerability was found in /smsa/view_subject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details.
Published: 2024-08-07
 
N/A -- N/A

 
An Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details.
Published: 2024-08-07
 
N/A -- N/A

 
An IP Spoofing vulnerability has been discovered in Likeshop up to 2.5.7.20210811. This issue allows an attacker to replace their real IP address with any arbitrary IP address, specifically by adding a forged 'X-Forwarded' or 'Client-IP' header to requests. Exploiting IP spoofing, attackers can bypass account lockout mechanisms during attempts to log into admin accounts, spoof IP addresses in requests sent to the server, and impersonate IP addresses that have logged into user accounts, etc.
Published: 2024-08-07
 
N/A -- N/A

 
A Stored Cross Site Scripting (XSS) vulnerability was found in "/smsa/add_class_submit.php" in Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "class_name" parameter field.
Published: 2024-08-07

 
n/a--FFmpeg
 
A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.0.2 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-273651.
Published: 2024-08-06





 
n/a--n/a
 
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR4 fails to validate /etc/initab during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.
Published: 2024-08-08

 
n/a--n/a
 
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR15, 4.0.0 SR05, 4.1.0 SR03, and 4.2.0 SR02 fails to validate the directory contents of certain directories (e.g., ensuring the expected hash sum) during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.
Published: 2024-08-08

 
n/a--n/a
 
ID4Portais in version < V.2022.837.002a returns the message parameter unsanitized in the response, resulting in an HTML Injection vulnerability.
Published: 2024-08-06

 
n/a--n/a
 
An issue discovered in the import host feature in Ab Initio Metadata Hub and Authorization Gateway before 4.3.1.1 allows attackers to run arbitrary code via crafted modification of server configuration.
Published: 2024-08-08
 
n/a--n/a
 
microweber 2.0.16 was discovered to contain a Cross Site Scripting (XSS) vulnerability via userfiles\modules\tags\add_tagging_tagged.php.
Published: 2024-08-05
 
n/a--n/a
 
microweber 2.0.16 was discovered to contain a Cross Site Scripting (XSS) vulnerability via userfiles\modules\settings\admin.php.
Published: 2024-08-05
 
n/a--n/a
 
1Password 8 before 8.10.38 for macOS allows local attackers to exfiltrate vault items by bypassing macOS-specific security mechanisms.
Published: 2024-08-06

 
n/a--n/a
 
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR17, 4.0.0 SR07, 4.1.0 SR04, 4.2.0 SR04, and 4.3.0 SR03 fails to validate file attributes during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.
Published: 2024-08-08

 
n/a--n/a
 
A SQL injection vulnerability in /smsa/student_login.php in Kashipara Responsive School Management System v1.0 allows an attacker to execute arbitrary SQL commands via the "username" parameter.
Published: 2024-08-08

 
n/a--PMWeb

 
A vulnerability has been found in PMWeb 7.2.00 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Web Application Firewall. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273559. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2024-08-05



 
nuxt--nuxt
 
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. The `navigateTo` function attempts to block the `javascript:` protocol, but does not correctly use APIs provided by `unjs/ufo`. This library also contains parsing discrepancies. The function first tests to see if the specified URL has a protocol. This uses the unjs/ufo package for URL parsing. This function works effectively, and returns true for a javascript: protocol. After this, the URL is parsed using the parseURL function. This function will refuse to parse poorly formatted URLs. Parsing javascript:alert(1) returns null/"" for all values. Next, the protocol of the URL is then checked using the isScriptProtocol function. This function simply checks the input against a list of protocols, and does not perform any parsing. The combination of refusing to parse poorly formatted URLs, and not performing additional parsing means that script checks fail as no protocol can be found. Even if a protocol was identified, whitespace is not stripped in the parseURL implementation, bypassing the isScriptProtocol checks. Certain special protocols are identified at the top of parseURL. Inserting a newline or tab into this sequence will block the special protocol check, and bypass the latter checks. This ONLY has impact after SSR has occurred; the `javascript:` protocol within a location header does not trigger XSS. This issue has been addressed in release version 3.12.4 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
Published: 2024-08-05
 
NVIDIA--Mellanox OS
 
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in the LDAP AAA component, where a user can cause improper access. A successful exploit of this vulnerability might lead to information disclosure, data tampering, and escalation of privileges.
Published: 2024-08-08
 
Okta--Okta Verify for Windows
 
Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5.0.2 or greater.
Published: 2024-08-07

 
Open WebUI--Open WebUI

 
Attackers can craft a malicious prompt that coerces the language model into executing arbitrary JavaScript in the context of the web page.
Published: 2024-08-07
 
OpenText--ArcSight Intelligence
 
Insecure Direct Object Reference vulnerability identified in OpenText ArcSight Intelligence.
Published: 2024-08-06
 
OpenText--ArcSight Intelligence
 
Incorrect Authorization vulnerability identified in OpenText ArcSight Intelligence.
Published: 2024-08-06
 
OpenText--ArcSight Intelligence
 
Privilege escalation vulnerability identified in OpenText ArcSight Intelligence.
Published: 2024-08-06
 
Qualcomm, Inc.--Snapdragon
 
Information disclosure while handling beacon or probe response frame in STA.
Published: 2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Information disclosure while handling beacon probe frame during scan entry generation in client side.
Published: 2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network.
Published: 2024-08-05
 
Qualcomm, Inc.--Snapdragon
 
Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes modulus.
Published: 2024-08-05
 
QwikDev--qwik
 
Qwik is a performance-focused JavaScript framework. A potential mutation XSS vulnerability exists in Qwik for versions up to but not including 1.6.0. Qwik improperly escapes HTML on server-side rendering. It converts strings according to the rules found in the `render-ssr.ts` file. This sometimes causes the final DOM tree rendered in browsers to differ from what Qwik expects on server-side rendering. This may be leveraged to perform XSS attacks; this type of XSS is known as mXSS (mutation XSS). This has been resolved in qwik version 1.6.0 and @builder.io/qwik version 1.7.3. All users are advised to upgrade. There are no known workarounds for this vulnerability.
Published: 2024-08-06


 
Samsung Mobile--Samsung Email
 
Use of implicit intent for sensitive communication in Samsung Email prior to version 6.1.94.2 allows local attackers to get sensitive information.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper access control in LedCoverService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper access control in SamsungHealthService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper access control in SmartThingsService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper access control in SamsungNotesService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper access control in PaymentManagerService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper access control in VoiceNoteService prior to SMR Aug-2024 Release 1 allows local attackers to bypass restrictions on starting services from the background.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper access control in ExtControlDeviceService prior to SMR Aug-2024 Release 1 allows local attackers to access protected data.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper access control in KnoxService prior to SMR Aug-2024 Release 1 allows local attackers to get sensitive information.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to cause memory corruption.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper handling of insufficient permission in KnoxDualDARPolicy prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive data.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper access control in Galaxy Watch prior to SMR Aug-2024 Release 1 allows local attackers to access sensitive information of Galaxy Watch.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper handling of insufficient permission in Telephony prior to SMR Aug-2024 Release 1 allows local attackers to configure default Message application.
Published: 2024-08-07
 
Samsung Mobile--Samsung Mobile Devices
 
Improper access control in System property prior to SMR Aug-2024 Release 1 allows local attackers to access cell related information.
Published: 2024-08-07
 
Samsung Mobile--Samsung Notes

 
Out-of-bounds read in applying binary with data in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
Published: 2024-08-07
 
Samsung Mobile--Samsung Notes

 
Out-of-bounds read in applying paragraphs in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
Published: 2024-08-07
 
Samsung Mobile--Samsung Notes

 
Out-of-bounds read in applying connection point in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
Published: 2024-08-07
 
Samsung Mobile--Samsung Notes

 
Out-of-bounds read in applying own binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
Published: 2024-08-07
 
Samsung Mobile--Samsung Notes

 
Out-of-bounds read in parsing implementation in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
Published: 2024-08-07
 
Samsung Mobile--Samsung Notes

 
Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
Published: 2024-08-07
 
Samsung Mobile--Samsung Notes

 
Out-of-bounds read in applying binary with text common object in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
Published: 2024-08-07
 
Samsung Mobile--Samsung Notes
 
Out-of-bounds read in applying own binary with textbox in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
Published: 2024-08-07
 
Samsung Mobile--Samsung Notes

 
Out-of-bounds read in applying new binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory.
Published: 2024-08-07
 
sbouey--Falang multilanguage for WordPress
 
The Falang multilanguage for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.3.52. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update and delete translations and expose the administrator email address.
Published: 2024-08-08


 
shopware--shopware
 
Shopware is an open commerce platform. The store-API works with regular entities and does not expose all fields for the public API; fields need to be marked as ApiAware in the EntityDefinition. So only ApiAware fields of the EntityDefinition will be encoded to the final JSON. Prior to versions 6.6.5.1 and 6.5.8.13, the processing of the Criteria did not consider ManyToMany associations, so they were not handled properly and the protections didn't get used. This issue cannot be reproduced with the default entities by Shopware, but can be triggered with extensions. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin.
Published: 2024-08-08




 
SourceCodester--Clinics Patient Management System
 
A vulnerability, which was classified as critical, has been found in SourceCodester Clinics Patient Management System 1.0. Affected by this issue is some unknown functionality of the file /new_prescription.php. The manipulation of the argument patient leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273620.
Published: 2024-08-05



 
themebeez--Orchid Store
 
The Orchid Store theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'orchid_store_activate_plugin' function in all versions up to, and including, 1.5.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate the Addonify Floating Cart For WooCommerce plugin if it is installed.
Published: 2024-08-08


 
themefusecom--Brizy Page Builder
 
The Brizy - Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.1. This is due to missing or incorrect nonce validation on form submissions. This makes it possible for unauthenticated attackers to submit forms intended for public use as another user via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. On sites where unfiltered_html is enabled, this can lead to the admin unknowingly adding a Stored Cross-Site Scripting payload.
Published: 2024-08-08

 
TOTOLINK--CP900
 
A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566. This issue affects the function setTelnetCfg of the component Telnet Service. The manipulation of the argument telnet_enabled leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273557 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2024-08-05



 
Unknown--Community Events
 
The Community Events WordPress plugin before 1.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Published: 2024-08-05
 
Unknown--Ditty
 
The Ditty WordPress plugin before 3.1.45 does not sanitise and escape some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.
Published: 2024-08-05
 
Unknown--Gutenberg Blocks with AI by Kadence WP
 
The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.39 does not validate and escape some of its block options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Published: 2024-08-08
 
Unknown--Pinpoint Booking System
 
The Pinpoint Booking System WordPress plugin before 2.9.9.4.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Published: 2024-08-05
 
Unknown--Search & Filter Pro
 
The Search & Filter Pro WordPress plugin before 2.5.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Published: 2024-08-08
 
Unknown--shortcodes-ultimate-pro
 
The shortcodes-ultimate-pro WordPress plugin before 7.2.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Published: 2024-08-06
 
Unknown--WordPress File Upload
 
The WordPress File Upload WordPress plugin before 4.24.8 does not properly sanitize and escape certain parameters, which could allow unauthenticated users to execute stored cross-site scripting (XSS) attacks.
Published: 2024-08-07
 
Unknown--WordPress File Upload
 
The WordPress File Upload WordPress plugin before 4.24.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Published: 2024-08-06
 
Unknown--wp-eMember
 
The wp-eMember WordPress plugin before v10.7.0 does not have CSRF checks in some places, and is missing sanitisation as well as escaping, which could allow attackers to make a logged-in admin add Stored XSS payloads via a CSRF attack.
Published: 2024-08-05
 
wpbakery--WPBakery Visual Composer
 
The WPBakery Visual Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' parameter in all versions up to, and including, 7.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, and with post permissions granted by an Administrator, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Published: 2024-08-06

 
wpdevart--Organization chart
 
The Organization chart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title_input' and 'node_description' parameters in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, this can only be exploited by administrators, but the ability to use and configure charts can be extended to subscribers.
Published: 2024-08-07




 
wptipsntricks--Accept Stripe Payments
 
The Accept Stripe Payments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's accept_stripe_payment_ng shortcode in all versions up to, and including, 2.0.86 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Published: 2024-08-07



 
XjSv--Cooked
 
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Persistent Cross-Site Scripting (XSS) via the '[cooked-timer]' shortcode in versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping. This vulnerability allows authenticated attackers with subscriber-level access and above to inject arbitrary web scripts in pages that will execute whenever a user accesses a compromised page. This issue has been addressed in release version 1.8.1. All users are advised to upgrade. There are no known workarounds for this vulnerability. Published: 2024-08-05.

 
Zscaler--Client Connector

 
An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows <4.2.0.190. Published: 2024-08-06.
 
Zscaler--Client Connector

 
In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows <4.2.1. Published: 2024-08-06.
 

Low Vulnerabilities

Primary Vendor -- Product | Description | Published | CVSS Score | Source Info | Patch Info
biscuit-auth--biscuit
 
Biscuit is an authorization token with decentralized verification, offline attenuation and strong security policy enforcement based on a logic language. Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a `ThirdPartyBlock` request can be sent, providing only the necessary info to generate a third-party block and to sign it: 1. the public key of the previous block (used in the signature), 2. the public keys part of the token symbol table (for public key interning in datalog expressions). A third-party block request forged by a malicious user can trick the third-party authority into generating datalog trusting the wrong keypair. Tokens with third-party blocks containing `trusted` annotations generated through a third party block request. This has been addressed in version 4 of the specification. Users are advised to update their implementations to conform. There are no known workarounds for this vulnerability. Published: 2024-08-05.

 
Google--Chrome

 
Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Published: 2024-08-06.

 
Huawei--HarmonyOS
 
Access permission verification vulnerability in the Notepad module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. Published: 2024-08-08.
 
Icinga--ipl-web
 
ipl/web is a set of common web components for PHP projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery (CSRF). All affected products, in any version, will be unaffected by this once `icinga-php-library` is upgraded. Version 0.10.1 includes a fix for this. It will be published as part of the `icinga-php-library` v0.14.1 release. Published: 2024-08-05.

 
juzaweb--CMS
 
A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic. Affected is an unknown function of the file /admin-cp/theme/editor/default of the component Theme Editor. The manipulation leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273696. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: 2024-08-06.



 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: filemap: replace pte_offset_map() with pte_offset_map_nolock() The vmf->ptl in filemap_fault_recheck_pte_none() is still set from handle_pte_fault(). But at the same time, we did a pte_unmap(vmf->pte). After a pte_unmap(vmf->pte) unmap and rcu_read_unlock(), the page table may be racily changed and vmf->ptl maybe fails to protect the actual page table. Fix this by replacing pte_offset_map() with pte_offset_map_nolock(). As David said, the PTL pointer might be stale so if we continue to use it in filemap_fault_recheck_pte_none(), it might trigger UAF. Also, if the PTL fails, the issue fixed by commit 58f327f2ce80 ("filemap: avoid unnecessary major faults in filemap_fault()") might reappear. Published: 2024-08-07.

 
Linux--Linux

 
In the Linux kernel, the following vulnerability has been resolved: spi: don't unoptimize message in spi_async() Calling spi_maybe_unoptimize_message() in spi_async() is wrong because the message is likely to be in the queue and not transferred yet. This can corrupt the message while it is being used by the controller driver. spi_maybe_unoptimize_message() is already called in the correct place in spi_finalize_current_message() to balance the call to spi_maybe_optimize_message() in spi_async(). Published: 2024-08-07.

 
mailcow--mailcow-dockerized
 
mailcow: dockerized is an open source groupware/email suite based on docker. An authenticated admin user can inject a JavaScript payload into the Relay Hosts configuration. The injected payload is executed whenever the configuration page is viewed, enabling the attacker to execute arbitrary scripts in the context of the user's browser. This could lead to data theft, or further exploitation. This issue has been addressed in the `2024-07` release. All users are advised to upgrade. There are no known workarounds for this vulnerability. Published: 2024-08-05.

 
NVIDIA--NVIDIA CUDA Toolkit
 
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service. Published: 2024-08-08.
 
Samsung Mobile -- Samsung Notes

 
Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. Published: 2024-08-07.
 
Samsung Mobile -- Samsung Notes

 
Out-of-bounds read in parsing object header in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. Published: 2024-08-07.
 
Samsung Mobile -- Samsung Notes


 
Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. Published: 2024-08-07.
 
Samsung Mobile -- Samsung Notes


 
Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory. Published: 2024-08-07.
 

Severity Not Yet Assigned

Primary Vendor -- Product | Description | Published | CVSS Score | Source Info | Patch Info
Apache Software Foundation--Apache Airflow Providers FAB
 
Insufficient Session Expiration vulnerability in Apache Airflow Providers FAB. This issue affects Apache Airflow Providers FAB: 1.2.1 (when used with Apache Airflow 2.9.3) and FAB 1.2.0 for all Airflow versions. The FAB provider prevented the user from logging out.
* FAB provider 1.2.1 only affected Airflow 2.9.3 (earlier and later versions of Airflow are not affected)
* FAB provider 1.2.0 affected all versions of Airflow.
Users who run Apache Airflow 2.9.3 are recommended to upgrade to Apache Airflow Providers FAB version 1.2.2 which fixes the issue. Users who run any Apache Airflow version and have FAB provider 1.2.0 are recommended to upgrade to Apache Airflow Providers FAB version 1.2.2 which fixes the issue. Also upgrading Apache Airflow to latest version available is recommended. Note: Early version of Airflow reference container images of Airflow 2.9.3 and constraint files contained FAB provider 1.2.1 version, but this is fixed in updated versions of the images. Users are advised to pull the latest Airflow images or reinstall FAB provider according to the current constraints. Published: 2024-08-05. CVSS Score: not yet calculated.

 
Apache Software Foundation--Apache CloudStack
 
In Apache CloudStack 4.19.1.0, a regression in the network listing API allows unauthorised list access of network details for domain admin and normal user accounts. This vulnerability compromises tenant isolation, potentially leading to unauthorised access to network details, configurations and data. Affected users are advised to upgrade to version 4.19.1.1 to address this issue. Users on older versions of CloudStack considering to upgrade, can skip 4.19.1.0 and upgrade directly to 4.19.1.1. Published: 2024-08-07. CVSS Score: not yet calculated.



 
Concrete CMS--Concrete CMS
 
Concrete CMS versions 9 through 9.3.2 and below 8.5.18 are vulnerable to Stored XSS in getAttributeSetName(). A rogue administrator could inject malicious code. The Concrete CMS team gave this a CVSS v3.1 rank of 2 with vector AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator and a CVSS v4.0 rank of 1.8 with vector CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N . Thanks, m3dium for reporting. Published: 2024-08-08. CVSS Score: not yet calculated.



 
Cybozu, Inc.--Cybozu Office
 
Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access by conducting 'search' under certain conditions in Custom App. Published: 2024-08-06. CVSS Score: not yet calculated.

 
Gitea--Gitea Open Source Git Server
 
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gitea Gitea Open Source Git Server allows Stored XSS. This issue affects Gitea Open Source Git Server: 1.22.0. Published: 2024-08-06. CVSS Score: not yet calculated.

 
Google--gRPC
 
It's possible for a gRPC client communicating with an HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients' HTTP header keys, but not values. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table. Please update to a fixed version of gRPC as soon as possible. This bug has been fixed in 1.58.3, 1.59.5, 1.60.2, 1.61.3, 1.62.3, 1.63.2, 1.64.3, 1.65.4. Published: 2024-08-06. CVSS Score: not yet calculated.
 
Hamastar Technology--MeetingHub Paperless Meetings
 
An Unrestricted upload of file with dangerous type vulnerability in meeting management function in Hamastar MeetingHub Paperless Meetings 2021 allows remote authenticated users to perform arbitrary system commands via a crafted ASP file. Published: 2024-08-05. CVSS Score: not yet calculated.
 
Hamastar Technology--MeetingHub Paperless Meetings
 
A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 allows remote attackers to obtain the other users' credentials and gain access to the product via an XML file. Published: 2024-08-05. CVSS Score: not yet calculated.
 
HP Inc.--Poly Clariti Manager
 
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware contained multiple XSS vulnerabilities in the version of JavaScript used. Published: 2024-08-06. CVSS Score: not yet calculated.
 
HP Inc.--Poly Clariti Manager
 
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The flaw does not properly neutralize input during a web page generation. Published: 2024-08-06. CVSS Score: not yet calculated.
 
HP Inc.--Poly Clariti Manager
 
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly implement access controls. Published: 2024-08-07. CVSS Score: not yet calculated.
 
HP Inc.--Poly Clariti Manager
 
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly sanitize User input. Published: 2024-08-06. CVSS Score: not yet calculated.
 
Huawei--HarmonyOS
 
Access permission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. Published: 2024-08-08. CVSS Score: not yet calculated.
 
Ivanti--Docs@Work
 
Ivanti Docs@Work for Android, before 2.26.0 is affected by the 'Dirty Stream' vulnerability. The application fails to properly sanitize file names, resulting in a path traversal-affiliated vulnerability. This potentially enables other malicious apps on the device to read sensitive information stored in the app root. Published: 2024-08-07. CVSS Score: not yet calculated.
 
Ivanti--EPMM
 
An improper authentication vulnerability in web component of EPMM prior to 12.1.0.1 allows a remote malicious user to access potentially sensitive information. Published: 2024-08-07. CVSS Score: not yet calculated.
 
Ivanti--EPMM
 
An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating system of the appliance. Published: 2024-08-07. CVSS Score: not yet calculated.
 
Ivanti--EPMM
 
An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the appliance. Published: 2024-08-07. CVSS Score: not yet calculated.
 
Ivanti--EPMM
 
Insufficient verification of authentication controls in EPMM prior to 12.1.0.1 allows a remote attacker to bypass authentication and access sensitive resources. Published: 2024-08-07. CVSS Score: not yet calculated.
 
Jenkins Project--Jenkins
 
Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library. Published: 2024-08-07. CVSS Score: not yet calculated.
 
Jenkins Project--Jenkins
 
Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views". Published: 2024-08-07. CVSS Score: not yet calculated.
 
Korenix--JetPort 5601v3
 
An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password. This issue affects JetPort 5601v3: through 1.2. Published: 2024-08-05. CVSS Score: not yet calculated.
 
Korenix--JetPort 5601v3
 
Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping. This issue affects JetPort 5601v3: through 1.2. Published: 2024-08-05. CVSS Score: not yet calculated.
 
Korenix--JetPort 5601v3
 
Improper filtering of special characters results in a command ('command injection') vulnerability in Korenix JetPort 5601v3. This issue affects JetPort 5601v3: through 1.2. Published: 2024-08-05. CVSS Score: not yet calculated.
 
Linux--Linux
 
In the Linux kernel, the following vulnerability has been resolved: mm: page_ref: remove folio_try_get_rcu() The below bug was reported on a non-SMP kernel. ---truncated--- Published: 2024-08-08. CVSS Score: not yet calculated.


 
Linux--Linux
 
In the Linux kernel, the following vulnerability has been resolved: closures: Change BUG_ON() to WARN_ON() If a BUG_ON() can be hit in the wild, it shouldn't be a BUG_ON() For reference, this has popped up once in the CI, and we'll need more info to debug it. Published: 2024-08-08. CVSS Score: not yet calculated.

 
Linux--Linux
 
In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race Ensure that `i2c_lock' is held when setting interrupt latch and mask in pca953x_irq_bus_sync_unlock() in order to avoid races. The other (non-probe) call site pca953x_gpio_set_multiple() ensures the lock is held before calling pca953x_write_regs(). The problem occurred when a request raced against irq_bus_sync_unlock() approximately once per thousand reboots on an i.MX8MP based system.
* Normal case
0-0022: write register AI|3a {03,02,00,00,01} Input latch P0
0-0022: write register AI|49 {fc,fd,ff,ff,fe} Interrupt mask P0
0-0022: write register AI|08 {ff,00,00,00,00} Output P3
0-0022: write register AI|12 {fc,00,00,00,00} Config P3
* Race case
0-0022: write register AI|08 {ff,00,00,00,00} Output P3
0-0022: write register AI|08 {03,02,00,00,01} *** Wrong register ***
0-0022: write register AI|12 {fc,00,00,00,00} Config P3
0-0022: write register AI|49 {fc,fd,ff,ff,fe} Interrupt mask P0
Published: 2024-08-08. CVSS Score: not yet calculated.



 
Linux--Linux
 
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix error pbuf checking Syz reports a problem, which boils down to NULL vs IS_ERR inconsistent error handling in io_alloc_pbuf_ring(). KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:__io_remove_buffers+0xac/0x700 io_uring/kbuf.c:341 Call Trace: <TASK> io_put_bl io_uring/kbuf.c:378 [inline] io_destroy_buffers+0x14e/0x490 io_uring/kbuf.c:392 io_ring_ctx_free+0xa00/0x1070 io_uring/io_uring.c:2613 io_ring_exit_work+0x80f/0x8a0 io_uring/io_uring.c:2844 process_one_work kernel/workqueue.c:3231 [inline] process_scheduled_works+0xa2c/0x1830 kernel/workqueue.c:3312 worker_thread+0x86d/0xd40 kernel/workqueue.c:3390 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Published: 2024-08-08. CVSS Score: not yet calculated.

 
Linux--Linux
 
In the Linux kernel, the following vulnerability has been resolved: tpm: Use auth only after NULL check in tpm_buf_check_hmac_response() Dereference auth after NULL check in tpm_buf_check_hmac_response(). Otherwise, unless tpm2_sessions_init() was called, a call can cause NULL dereference, when TCG_TPM2_HMAC is enabled. [jarkko: adjusted the commit message.] Published: 2024-08-08. CVSS Score: not yet calculated.

 
Linux--Linux
 
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix server re-repick on subrequest retry When a subrequest is marked for needing retry, netfs will call cifs_prepare_write() which will make cifs repick the server for the op before renegotiating credits; it then calls cifs_issue_write() which invokes smb2_async_writev() - which re-repicks the server. If a different server is then selected, this causes the increment of server->in_flight to happen against one record and the decrement to happen against another, leading to misaccounting. Fix this by just removing the repick code in smb2_async_writev(). As this is only called from netfslib-driven code, cifs_prepare_write() should always have been called first, and so server should never be NULL and the preparatory step is repeated in the event that we do a retry. The problem manifests as a warning looking something like: WARNING: CPU: 4 PID: 72896 at fs/smb/client/smb2ops.c:97 smb2_add_credits+0x3f0/0x9e0 [cifs] ... RIP: 0010:smb2_add_credits+0x3f0/0x9e0 [cifs] ... smb2_writev_callback+0x334/0x560 [cifs] cifs_demultiplex_thread+0x77a/0x11b0 [cifs] kthread+0x187/0x1d0 ret_from_fork+0x34/0x60 ret_from_fork_asm+0x1a/0x30 Which may be triggered by a number of different xfstests running against an Azure server in multichannel mode. generic/249 seems the most repeatable, but generic/215, generic/249 and generic/308 may also show it. Published: 2024-08-08. CVSS Score: not yet calculated.

 
Linux--Linux
 
In the Linux kernel, the following vulnerability has been resolved: ext4: use memtostr_pad() for s_volume_name As with the other strings in struct ext4_super_block, s_volume_name is not NUL terminated. The other strings were marked in commit 072ebb3bffe6 ("ext4: add nonstring annotations to ext4.h"). Using strscpy() isn't the right replacement for strncpy(); it should use memtostr_pad() instead. Published: 2024-08-08. CVSS Score: not yet calculated.

 
Microchip Technology--Advanced Software Framework
 
Improper Input Validation vulnerability in Microchip Technology Advanced Software Framework example DHCP server can cause remote code execution through a buffer overflow. This vulnerability is associated with program files tinydhcpserver.C and program routines lwip_dhcp_find_option. This issue affects Advanced Software Framework: through 3.52.0.2574. ASF is no longer being supported. Apply provided workaround or migrate to an actively maintained framework. Published: 2024-08-08. CVSS Score: not yet calculated.
 
Mozilla--Firefox for iOS
 
Long pressing on a download link could potentially provide a means for cross-site scripting. This vulnerability affects Firefox for iOS < 129. Published: 2024-08-06. CVSS Score: not yet calculated.

 
Mozilla--Firefox for iOS
 
The contextual menu for links could provide an opportunity for cross-site scripting attacks. This vulnerability affects Firefox for iOS < 129. Published: 2024-08-06. CVSS Score: not yet calculated.

 
Mozilla--Firefox
 
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1. Published: 2024-08-06. CVSS Score: not yet calculated.



 
Mozilla--Firefox
 
A select option could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. *This issue only affects Android versions of Firefox.* This vulnerability affects Firefox < 129. Published: 2024-08-06. CVSS Score: not yet calculated.

 
Mozilla--Firefox
 
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack on some of the shims and achieved XSS, bypassing the CSP strict-dynamic protection. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1. Published: 2024-08-06. CVSS Score: not yet calculated.



 
Mozilla--Firefox
 
Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can result in plaintext on an Intel Sandy Bridge processor. In Firefox this only affects the QUIC header protection feature when the connection is using the ChaCha20-Poly1305 cipher suite. The most likely outcome is connection failure, but if the connection persists despite the high packet loss it could be possible for a network observer to identify packets as coming from the same source despite a network path change. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1. Published: 2024-08-06. CVSS Score: not yet calculated.



 
n/a--n/a
 
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR12, 4.0.0 SR04, 4.1.0 SR02, and 4.2.0 SR01 fails to validate the directory structure of the root file system during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk. Published: 2024-08-08. CVSS Score: not yet calculated.

 
n/a--n/a
 
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR10 fails to validate /etc/mtab during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk. Published: 2024-08-08. CVSS Score: not yet calculated.

 
n/a--n/a
 
Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via the additonal-contents.pl component. Published: 2024-08-06. CVSS Score: not yet calculated.

 
n/a--n/a
 
K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows local users to cause a denial of service (BSOD) because of a NULL pointer dereference. Published: 2024-08-06. CVSS Score: not yet calculated.

 
n/a--n/a
 
An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, XE3000/X3000 v4, and B2200/MV1000/MV1000W/USB150/N300/SF1200 v3.216 allows attackers to intercept communications via a man-in-the-middle attack when DDNS clients are reporting data to the server. Published: 2024-08-06. CVSS Score: not yet calculated.

 
n/a--n/a
 
The com.cascadialabs.who (aka Who - Caller ID, Spam Block) application 15.0 for Android places sensitive information in the system log. Published: 2024-08-05. CVSS Score: not yet calculated.
 
n/a--n/a
 
A Reflected Cross-site scripting (XSS) vulnerability exists in '/search' in microweber 2.0.15 and earlier allowing unauthenticated remote attackers to inject arbitrary web script or HTML via the 'keywords' parameter. Published: 2024-08-06. CVSS Score: not yet calculated.


 
n/a--n/a
 
A segmentation fault in KMPlayer v4.2.2.65 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file. Published: 2024-08-05. CVSS Score: not yet calculated.
 
n/a--n/a
 
A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a malicious e-mail attachment served with a dangerous Content-Type header. Published: 2024-08-05. CVSS Score: not yet calculated.




 
n/a--n/a
 
A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in message_body() in program/actions/mail/show.php. Published: 2024-08-05. CVSS Score: not yet calculated.




 
Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy--EZD RP
 
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, which could lead to privilege escalation. This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2. Published: 2024-08-07. CVSS Score: not yet calculated.


 
Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy--EZD RP
 
Incorrect User Management vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to list all users in the system, including those from other organizations. This issue affects EZD RP: from 15 before 15.84, from 16 before 16.15, from 17 before 17.2. Published: 2024-08-07. CVSS Score: not yet calculated.


 
Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy--EZD RP
 
Exposure of Sensitive Information vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows logged-in user to retrieve information about IP infrastructure and credentials. This issue affects EZD RP all versions before 19.6. Published: 2024-08-07. CVSS Score: not yet calculated.


 
oFono--oFono
 
oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SMS message lists. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-23157. | 2024-08-06 | not yet calculated
 
oFono--oFono
 
oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT Commands. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-23190. | 2024-08-06 | not yet calculated
 
oFono--oFono
 
oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT+CUSD commands. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-23195. | 2024-08-06 | not yet calculated
 
oFono--oFono
 
oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT+CMGL commands. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-23307. | 2024-08-06 | not yet calculated
 
oFono--oFono
 
oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT+CMT commands. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-23308. | 2024-08-06 | not yet calculated
 
oFono--oFono
 
oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT+CMGR commands. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-23309. | 2024-08-06 | not yet calculated
 
oFono--oFono
 
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of STK command PDUs. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-23456. | 2024-08-06 | not yet calculated
 
oFono--oFono
 
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of STK command PDUs. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-23457. | 2024-08-06 | not yet calculated
 
oFono--oFono
 
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of STK command PDUs. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-23458. | 2024-08-06 | not yet calculated
 
oFono--oFono
 
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of STK command PDUs. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-23459. | 2024-08-06 | not yet calculated
 
oFono--oFono
 
oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of SMS PDUs. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-23460. | 2024-08-06 | not yet calculated
 
OpenText--ALM Octane.
 
An Improper Neutralization vulnerability (XSS) has been discovered in OpenText™ ALM Octane. The vulnerability affects all versions prior to version 23.4. The vulnerability could cause a remote code execution attack. | 2024-08-05 | not yet calculated
 
Red Hat--Red Hat Ansible Automation Platform 2
 
A flaw was found in the Pulp package. When a role-based access control (RBAC) object in Pulp is set to assign permissions on its creation, it uses the `AutoAddObjPermsMixin` (typically the add_roles_for_object_creator method). This method finds the object creator by checking the current authenticated user. For objects that are created within a task, this current user is set by the first user with any permissions on the task object. This means the oldest user with model/domain-level task permissions will always be set as the current user of a task, even if they didn't dispatch the task. Therefore, all objects created in tasks will have their permissions assigned to this oldest user, and the creating user will receive nothing. | 2024-08-07 | not yet calculated


 
Red Hat--Red Hat Enterprise Linux 6
 
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline. | 2024-08-05 | not yet calculated

 
Rocket.Chat--Rocket.Chat
 
A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1. | 2024-08-05 | not yet calculated
 
Unknown--Ajax Search Lite
 
The Ajax Search Lite WordPress plugin before 4.12.1 does not sanitise and escape some parameters, which could allow users with a role as low as Admin+ to perform Cross-Site Scripting attacks. | 2024-08-06 | not yet calculated
 
Unknown--Chatbot for WordPress by Collect.chat 
 
The Chatbot for WordPress by Collect.chat WordPress plugin before 2.4.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed. | 2024-08-05 | not yet calculated
 
Unknown--Easy Table of Contents
 
The Easy Table of Contents WordPress plugin before 2.0.68 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks. | 2024-08-06 | not yet calculated
 
Unknown--House Manager
 
The House Manager WordPress plugin through 1.0.8.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | 2024-08-07 | not yet calculated
 
ZEXELON CO., LTD.--ZWX-2000CSW2-HN
 
ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 use hard-coded credentials, which may allow a network-adjacent attacker with an administrative privilege to alter the configuration of the device. | 2024-08-05 | not yet calculated

 
ZEXELON CO., LTD.--ZWX-2000CSW2-HN
 
An incorrect permission assignment for critical resource issue exists in ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15, which may allow a network-adjacent authenticated attacker to alter the configuration of the device. | 2024-08-05 | not yet calculated

 


LibreOffice 24.2 Help

Creating and Changing Default and Custom Templates

When you open a new document with File - New, a blank document appears based on a LibreOffice template. You can edit, modify, or replace this template so that the new document contains your customized Styles or other contents.

You can define document templates for each LibreOffice application.

Creating a Default Template

First, open either an existing LibreOffice template and modify it, or open a new document and edit it as necessary to create the desired template.

Save the document by choosing File - Templates - Save as Template, then enter the template name, click the Set as default template checkbox, and save in the My Templates category.

The next time you open a new text document, the new document will be based on this new default template.

Modifying a Default Template

Choose File - Templates - Manage Templates.

Use Filter to select the type of document.

The default template is marked with a green check mark. Right-click that template and choose Edit.

Make desired changes, choose File - Save, and close the document.

When you open a new document, the modified default template will be used.

LibreOffice provides built-in presentation templates, which cannot be edited, renamed, or deleted. To modify a built-in presentation template, open a document using the template, modify, then save as a new template.

LibreOffice provides built-in templates for Writer, which cannot be edited, renamed, or deleted. To modify a built-in template, open a document using the template, modify, then save as a new template.

Setting a Template as Default

Right-click on the template to be made default, and choose Set as Default.

Creating a Custom Template

Choose File - Templates - Save As Template, then enter the template name, choose a Template category, and save.

Modifying a Custom Template

Right-click on the template to be modified, and choose Edit.

Saving a Template in the Template Folder

You can save any document as a template by selecting the "Template" file type in the Save dialog. To access the template from the Template Manager, save the template in the User Paths directory specified for Templates in LibreOffice - Preferences (macOS) or Tools - Options (other platforms) - LibreOffice - Paths. It is often easier to save a document with File - Templates - Save As Template, because it automatically places the template in the appropriate directory.

The Template Manager is the preferred method for working with templates. File - New - Templates and File - Templates - Manage Templates are equivalent for opening the Template Manager. Command+Shift+N (macOS) or Ctrl+Shift+N (other platforms) is the predefined shortcut key.


COMMENTS

  1. LibreOffice Impress Templates

    The LibreOffice Impress Templates project aims to provide a collection of well-designed, freely-licensed, usable templates for LibreOffice Impress. You can search below through all of the templates by name (try focus ), tag (try blue, dark, or pencil ), or collection (try material ).

  2. Templates & Extensions

    templates, documents, document models, template editors, LibreOffice, extensions, plugins, addons, ODF, open standards

  3. 246 Impress Templates » Extensions

    Presentations Templates. Previous Next. Close Description. LibreOffice Impress Templates ===== A collection of 253 well-designed, modern, freely-licensed templates on GitHub. NEW: Live search through all the templates using tags / keywords or by collection or template name. Try it out on the project home page: https://dohliam.github.io ...

  4. Create Your First Presentation Using LibreOffice Impress

    Create Your First Presentation. Open LibreOffice Impress. If the template dialog opens, select a template you want. Otherwise, click Close. You will be presented with the first slide with a default design - A title and content. From the File menu, click Save As …. Choose any file type you want. You can also choose the Microsoft PowerPoint ...

  5. Impress

    LibreOffice, Impress, presentation, ODF, open standards. In Impress, creating and editing slides is very versatile thanks to different editing and view modes: Normal (for general editing), Outline (for organizing and outlining your text content), Notes (for viewing and editing the notes attached to a slide), Handout (for producing paper-based material), and Slide Sorter (for a thumbnail sheet ...

  6. LibreOffice Impress: Templates and Master Pages

    Go to File > Save As Template on the main menu bar to open the Template Manager dialog. By default the Template Manager opens at the Documents page. Double click on the MediaWiki folder to select it and activate the Save icon, then click the Save icon. Specify the template name in the pop-up dialog and click Accept.

  7. Chapter 2, Master Slides, Styles, and Templates

    2) Select the template to use as the default LibreOffice presentation template. 3) Right-click on the selected template and select Set as Default from the context menu. 4) Click on Open and a new presentation opens using the new default template and sets the default presentation template in LibreOffice. The next time a new presentation is ...

  8. dohliam/libreoffice-impress-templates

    A series of 18 templates based on designs by members of the Fedora Project community.. These include 3 templates (fedora-patterns-clover, fedora-textures-grey-blue, and fedora-clean-grey) from an open call to design a slide deck template for general Fedora presentations.It also includes two templates (fedora-patterns-wings and fedora-server-theme) by William J Morenor.

  9. LibreOffice Presentation Templates

    LibreOffice Presentation Templates provided by the LibreOffice Design Team for the Community Release List Release Description Compatibility Operating Systems License Release notes 1.0 First Production Release 3.3 Linux, Windows, macOS CC-BY

  10. Template Manager

    The Template Manager allows you to access and organize templates in LibreOffice. LibreOffice comes with a set of built-in templates that can be used to create documents, presentations, spreadsheets or drawings. You may use templates available in the template manager, create your own templates or browse online for additional templates.

  11. Chapter 2, Master Slides, Styles, and Templates

    2) Select the template to use as the default LibreOffice presentation template. 3) Right-click on the selected template and select Set as Default from the context menu. 4) Click on Open and a new presentation opens using the new default template and sets the default presentation template in LibreOffice. The next time a new presentation is ...

  12. LibreOffice Templates

    These free LibreOffice templates are easy to download and print. Each template is available in LibreOffice format: just download one, open it in LibreOffice, edit, and print. Also available: more free printables including templates for OpenOffice , printable signs , and business form templates .

  13. Extensions » Extensions

    A professional and clean presentation template featuring IBM Plex Sans font, ideal for consultants and business presentations. 07-2024 163. ... 05-2024 300. Not rated yet. Template LibreOffice Presentations MMA v1. Modern Magma Affirmation is a very nice and modern, yet simple Presentations Template for LibreOffice. 04-2024 2471.

  14. Extensions » Extensions

    A professional and clean presentation template featuring IBM Plex Sans font, ideal for consultants and business presentations. 07-2024 163. ... TexMaths is an addon designed to provide LaTeX support into LibreOffice. LaTeX equations can be inserted as images (SVG or PNG formats) and the LaTeX code is saved into the image attribute for further ...

  15. Extensions » Extensions

    A professional and clean presentation template featuring IBM Plex Sans font, ideal for consultants and business presentations. 07-2024 163. ... TexMaths is an addon designed to provide LaTeX support into LibreOffice. LaTeX equations can be inserted as images (SVG or PNG formats) and the LaTeX code is saved into the image attribute for further ...

  16. Chapter 2, Master Slides, Styles, and Templates

    2) Select the template you want to use as the default LibreOffice presentation template. 3) Right click on the selected template and select Set as Default from the context menu. 4) Click on Open and a new presentation opens using the new default template and sets the default presentation template in LibreOffice. The next time that you create a ...

  17. Template Manager

    The Template Manager allows you to access and organize templates in LibreOffice. LibreOffice comes with a set of built-in templates that can be used to create documents, presentations, spreadsheets or drawings. You may use templates available in the template manager, create your own templates or browse online for additional templates.

  18. LibreOffice templates for presentations

    While the collection of presentation templates for LibreOffice is very small, it is still possible to use any PowerPoint presentation template as a template for Impress. You can open a PowerPoint presentation in LibreOffice Impress and edit the presentation or play the slideshow. Some files are complex and have compatibility problems ...

  19. Applying a Slide Design to a Master Slide

    Select Slide - Master Slide Design. Click Load. Under Categories, select a slide design category. Under Templates, select a template with the design that you want to apply. To preview the template, click More, and then select the Preview box. Click OK. To apply the slide design to all of the slides in your presentation, select the Exchange ...

  20. Template Manager

    The Template Manager allows you to access and organize templates in LibreOffice. LibreOffice comes with a set of built-in templates that can be used to create documents, presentations, spreadsheets or drawings. You may use templates available in the template manager, create your own templates or browse online for additional templates.

  21. Free Animated Google Slides themes and PowerPoint templates

    Download the Art Subject for Pre-K: Colors Infographics presentation for PowerPoint or Google Slides and create big learning experiences for the littlest students! Dynamic and adorable, this template provides the visual stimuli that Pre-K students thrive on and makes your lessons more playful and exciting — after all, Pre-K education...

  22. Extensions » Extensions

    A professional and clean presentation template featuring IBM Plex Sans font, ideal for consultants and business presentations. 07-2024 164. ... TexMaths is an addon designed to provide LaTeX support into LibreOffice. LaTeX equations can be inserted as images (SVG or PNG formats) and the LaTeX code is saved into the image attribute for further ...

  23. Vulnerability Summary for the Week of August 5, 2024

    When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5. 2024-08-05: 7.8: CVE-2024-6472: security ...

  24. Changing and Adding a Master Slide

    Under Categories, select the category of templates. Under Templates, select a template with the master slide that you want to apply. To preview the template, click Preview. Click OK. Do one of the following: To apply the master slide to all of the slides in your presentation, select the Exchange background page check box, and then click OK.

  25. Creating and Changing Default and Custom Templates

    Creating a Default Template. First, open either an existing LibreOffice template and modify it, or open a new document and edit it as necessary to create the desired template. Save the document by choosing File - Templates - Save as Template, then enter the template name, click the Set as default template checkbox, and save in the My Templates ...