Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange open-xchange appsuite vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2014-5238
XML external entity (XXE) vulnerability in Open-Xchange (OX) AppSuite prior to 7.4.2-rev11 and 7.6.x prior to 7.6.0-rev9 allows remote malicious users to read arbitrary files and possibly other unspecified impact via a crafted OpenDocument Text document.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.4.2
Open-xchange Open-xchange Appsuite 7.6.0
7.5
CVSSv3
CVE-2023-26451
Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. Authorization codes were predictable for third parties and could be used to intercept and take over the client authorization process. As a result, othe...
Open-xchange Open-xchange Appsuite Backend
7.5
CVSSv3
CVE-2020-8543
OX App Suite up to and including 7.10.3 has Improper Input Validation.
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.10.1
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
7.5
CVSSv3
CVE-2014-5236
Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange (OX) AppSuite prior to 7.4.2-rev10 and 7.6.x prior to 7.6.0-rev10 allow remote malicious users to read application files via a full pathname in a crafted (1) OLE Object or (2) image in an OpenDo...
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.4.2
Open-xchange Open-xchange Appsuite 7.6.0
7.5
CVSSv3
CVE-2019-7159
OX App Suite 7.10.1 and previous versions allows Information Exposure.
Open-xchange Open-xchange Appsuite
7.5
CVSSv3
CVE-2017-5211
Open-Xchange GmbH OX App Suite 7.8.3 and previous versions is affected by: Content Spoofing.
Open-xchange Open-xchange Appsuite
7.5
CVSSv3
CVE-2017-12884
OX Software GmbH App Suite 7.8.4 and previous versions is affected by: Information Exposure.
Open-xchange Open-xchange Appsuite
7.4
CVSSv3
CVE-2016-3174
An issue exists in Open-Xchange OX AppSuite prior to 7.8.0-rev27. The "defer" servlet offers to redirect a client to a specified URL. Since some checks were missing, arbitrary URLs could be provided as redirection target. Users can be tricked to follow a link to a trust...
Open-xchange Open-xchange Appsuite
7.3
CVSSv3
CVE-2023-29047
Imageconverter API endpoints provided methods that were not sufficiently validating and sanitizing client input, allowing to inject arbitrary SQL statements. An attacker with access to the adjacent network and potentially API credentials, could read and modify database content wh...
Open-xchange Open-xchange Appsuite 7.10.6
Open-xchange Open-xchange Appsuite
6.6
CVSSv3
CVE-2019-16716
OX App Suite up to and including 7.10.2 has Incorrect Access Control.
Open-xchange Open-xchange Appsuite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »