Filtered by vendor Open-xchange
Subscriptions
Total
255 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-17060 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A |
| OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure Permissions. | ||||
| CVE-2017-15030 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A |
| Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). | ||||
| CVE-2017-15029 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A |
| Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF. | ||||
| CVE-2017-13668 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A |
| OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). | ||||
| CVE-2017-13667 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A |
| OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF. | ||||
| CVE-2017-12885 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A |
| OX Software GmbH App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). | ||||
| CVE-2017-12884 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A |
| OX Software GmbH App Suite 7.8.4 and earlier is affected by: Information Exposure. | ||||
| CVE-2016-6846 | 1 Open-xchange | 4 Documentconverter-api, Office Web, Open-xchange Appsuite Backend and 1 more | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite backend before 7.6.2-rev59, 7.8.0 before 7.8.0-rev38, 7.8.2 before 7.8.2-rev8; AppSuite frontend before 7.6.2-rev47, 7.8.0 before 7.8.0-rev30, and 7.8.2 before 7.8.2-rev8; Office Web before 7.6.2-rev16, 7.8.0 before 7.8.0-rev10, and 7.8.2 before 7.8.2-rev5; and Documentconverter-API before 7.8.2-rev5 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2015-1588 | 1 Open-xchange | 2 Open-xchange Appsuite, Open-xchange Server | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server 6 and OX AppSuite before 7.4.2-rev43, 7.6.0-rev38, and 7.6.1-rev21. | ||||
| CVE-2014-5238 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 7.8 High |
| XML external entity (XXE) vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev11 and 7.6.x before 7.6.0-rev9 allows remote attackers to read arbitrary files and possibly other unspecified impact via a crafted OpenDocument Text document. | ||||
| CVE-2014-5236 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 7.5 High |
| Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allow remote attackers to read application files via a full pathname in a crafted (1) OLE Object or (2) image in an OpenDocument text file. | ||||
| CVE-2014-2078 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A |
| The backend in Open-Xchange (OX) AppSuite 7.4.2 before 7.4.2-rev9 allows remote attackers to obtain sensitive information about user email addresses in opportunistic circumstances by leveraging a failure in e-mail auto configuration for external accounts. | ||||
| CVE-2013-7486 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev27 and 7.4.x before 7.4.0-rev20 allows remote attackers to inject arbitrary web script or HTML via the body of an email. NOTE: this vulnerability was SPLIT from CVE-2013-6242 because it affects different sets of versions. | ||||
| CVE-2013-7485 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev26 and 7.4.x before 7.4.0-rev16 allows remote attackers to inject arbitrary web script or HTML via the publication name, which is not properly handled in an error message. NOTE: this vulnerability was SPLIT from CVE-2013-6242 because it affects different sets of versions. | ||||
| CVE-2013-6242 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite 6.22.3 before 6.22.3-rev5 and 6.22.4 before 6.22.4-rev12 allows remote attackers to inject arbitrary web script or HTML via the subject of an email. NOTE: the vulnerabilities related to the body of the email and the publication name were SPLIT from this CVE ID because they affect different sets of versions. | ||||