📦

core

Vendor: onlyoffice

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 2 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 16.16% Exploit Prob.

Latest CVE CVE-2022-29777 Jun 02

Security Vulnerability Index

Page 1 / 1

9.8 CVSS

CVE-2022-29777

RCE

Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a heap overflow via the component DesktopEditor/fontengine/fontconverter/FontFileBase.h.

EPSS: 16.16%

Severity: CRITICAL

Jun 02, 2022

9.8 CVSS

CVE-2022-29776

RCE

Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a stack overflow via the component DesktopEditor/common/File.cpp.

EPSS: 16.16%

Severity: CRITICAL

Jun 02, 2022

Displaying 2 of 2 Total Entries

Total 1 Sections