Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange open-xchange documents vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-12645
OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption.
Open-xchange Open-xchange Appsuite
7.8
CVSSv3
CVE-2019-9853
LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the document were processed and categori...
Libreoffice Libreoffice
7.5
CVSSv3
CVE-2020-8543
OX App Suite up to and including 7.10.3 has Improper Input Validation.
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.10.1
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
6.5
CVSSv3
CVE-2021-33491
OX App Suite up to and including 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive, because of the mishandling of relative paths in mail addresses in conjunction with auto-configuration DNS records.
Open-xchange Ox App Suite
6.5
CVSSv3
CVE-2021-28093
OX Documents prior to 7.10.5-rev5 has Incorrect Access Control of converted images because hash collisions can occur, due to use of Adler32.
Open-xchange Open-xchange Documents 7.10.5
Open-xchange Open-xchange Documents
6.5
CVSSv3
CVE-2021-28094
OX Documents prior to 7.10.5-rev7 has Incorrect Access Control for converted documents because hash collisions can occur, due to use of CRC32.
Open-xchange Open-xchange Documents 7.10.5
Open-xchange Open-xchange Documents
6.5
CVSSv3
CVE-2020-8541
OX App Suite up to and including 7.10.3 allows XXE attacks.
Open-xchange Open-xchange Appsuite 7.10.1
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
6.5
CVSSv3
CVE-2020-8544
OX App Suite up to and including 7.10.3 allows SSRF.
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.10.1
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
6.1
CVSSv3
CVE-2023-29043
Presentations may contain references to images, which are user-controlled, and could include malicious script code that is being processed when editing a document. Script code embedded in malicious documents could be executed in the context of the user editing the document when p...
Open-xchange Open-xchange Appsuite 7.10.6
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2021-33494
OX App Suite 7.10.5 allows XSS via an OX Chat room title during typing rendering.
Open-xchange Ox App Suite 7.10.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »