Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open enterprise server vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-39959
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.9, 26.0.4, and 27.0.1, unauthenticated users could send a DAV request which reveals whether a calendar or an address book with the given iden...
Nextcloud Nextcloud Server 27.0.0
Nextcloud Nextcloud Server
6.5
CVSSv3
CVE-2023-39952
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 22.0.0 and prior to versions 22.2.10.13, 23.0.12.8, 24.0.12.4, 25.0.8, 26.0.3, and 27.0.1, a user can access files inside a subfolder of a groupfolder accessible to them, even...
Nextcloud Nextcloud Server 27.0.0
Nextcloud Nextcloud Server
9.8
CVSSv3
CVE-2023-38646
Metabase open source prior to 0.46.6.1 and Metabase Enterprise prior to 1.46.6.1 allow malicious users to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4...
Metabase Metabase
51 Github repositories
7.5
CVSSv3
CVE-2023-3138
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array in...
X.org Libx11
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
1 Github repository
8.7
CVSSv3
CVE-2021-23166
A sandboxing issue in Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions allows authenticated administrators to read and write local files on the server.
Odoo Odoo
6.5
CVSSv3
CVE-2021-23176
Improper access control in reporting engine of l10n_fr_fec module in Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions allows remote authenticated users to extract accounting information via crafted RPC packets.
Odoo Odoo
7.5
CVSSv3
CVE-2021-23178
Improper access control in Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions allows malicious users to validate online payments with a tokenized payment method that belongs to another user, causing the victim's payment method to be char...
Odoo Odoo
8.7
CVSSv3
CVE-2021-23186
A sandboxing issue in Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions allows authenticated administrators to access and modify database contents of other tenants, in a multi-tenant system.
Odoo Odoo
7.5
CVSSv3
CVE-2021-23203
Improper access control in reporting engine of Odoo Community 14.0 up to and including 15.0, and Odoo Enterprise 14.0 up to and including 15.0, allows remote malicious users to download PDF reports for arbitrary documents, via crafted requests.
Odoo Odoo 14.0
Odoo Odoo 15.0
6.8
CVSSv3
CVE-2021-44476
A sandboxing issue in Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions allows authenticated administrators to read local files on the server, including sensitive configuration files.
Odoo Odoo
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »