Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open enterprise server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-39952
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 22.0.0 and prior to versions 22.2.10.13, 23.0.12.8, 24.0.12.4, 25.0.8, 26.0.3, and 27.0.1, a user can access files inside a subfolder of a groupfolder accessible to them, even...
Nextcloud Nextcloud Server 27.0.0
Nextcloud Nextcloud Server
NA
CVE-2023-38646
Metabase open source prior to 0.46.6.1 and Metabase Enterprise prior to 1.46.6.1 allow malicious users to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4...
Metabase Metabase
49 Github repositories
NA
CVE-2023-3138
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array in...
X.org Libx11
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
1 Github repository
NA
CVE-2021-26947
Cross-site scripting (XSS) issue Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions, allows remote malicious users to inject arbitrary web script in the browser of a victim, via a crafted link.
Odoo Odoo
NA
CVE-2021-26263
Cross-site scripting (XSS) issue in Discuss app of Odoo Community 14.0 up to and including 15.0, and Odoo Enterprise 14.0 up to and including 15.0, allows remote malicious users to inject arbitrary web script in the browser of a victim, by posting crafted contents.
Odoo Odoo 14.0
Odoo Odoo 15.0
NA
CVE-2021-45071
Cross-site scripting (XSS) issue Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions, allows remote malicious users to inject arbitrary web script in the browser of a victim, via crafted uploaded file names.
Odoo Odoo
NA
CVE-2021-45111
Improper access control in Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions allows remote authenticated users to trigger the creation of demonstration data, including user accounts with known credentials.
Odoo Odoo
NA
CVE-2021-23166
A sandboxing issue in Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions allows authenticated administrators to read and write local files on the server.
Odoo Odoo
NA
CVE-2021-23176
Improper access control in reporting engine of l10n_fr_fec module in Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions allows remote authenticated users to extract accounting information via crafted RPC packets.
Odoo Odoo
NA
CVE-2021-23178
Improper access control in Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions allows malicious users to validate online payments with a tokenized payment method that belongs to another user, causing the victim's payment method to be char...
Odoo Odoo
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »