Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange ox app suite vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2017-13667
OX Software GmbH OX App Suite 7.8.4 and previous versions is affected by: SSRF.
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2022-29851
documentconverter in OX App Suite up to and including 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file conversion may occur for an EPS document that is disguised as a PDF document.
Open-xchange Ox App Suite
9.8
CVSSv3
CVE-2022-23100
OX App Suite up to and including 7.10.6 allows OS Command Injection via Documentconverter (e.g., through an email attachment).
Open-xchange Ox App Suite
9.8
CVSSv3
CVE-2022-24405
OX App Suite up to and including 7.10.6 allows OS Command Injection via a serialized Java class to the Documentconverter API.
Open-xchange Ox App Suite
9.8
CVSSv3
CVE-2020-12645
OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption.
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2019-7158
OX App Suite 7.10.0 and previous versions has Incorrect Access Control.
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2017-5210
Open-Xchange GmbH OX App Suite 7.8.3 and previous versions is affected by: Information Exposure.
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2017-5212
Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control.
Open-xchange Open-xchange Appsuite 7.8.3
9.8
CVSSv3
CVE-2017-17060
OX Software GmbH OX App Suite 7.8.4 and previous versions is affected by: Insecure Permissions.
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2017-5863
Open-Xchange GmbH OX App Suite 7.8.3 and previous versions is affected by: Incorrect Access Control.
Open-xchange Open-xchange Appsuite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »