Open-xchange Open-xchange_appsuite

157 CVEs affecting Open-xchange Open-xchange_appsuite. Latest disclosed: 2024-02-12. Critical: 7, High: 16.

Top CVEs affecting Open-xchange Open-xchange_appsuite
CVESeverityScorePublishedSummary
CVE-2017-13667Critical9.92019-05-23OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF.
CVE-2020-12645Critical9.82020-08-31OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory c…
CVE-2019-7158Critical9.82019-06-17OX App Suite 7.10.0 and earlier has Incorrect Access Control.
CVE-2017-5212Critical9.82019-05-23Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control.
CVE-2017-5210Critical9.82019-05-23Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Information Exposure.
CVE-2017-17060Critical9.82019-05-23OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure Permissions.
CVE-2017-5863Critical9.82019-05-22Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
CVE-2017-8340High8.82019-05-22Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
CVE-2017-6912High8.82019-05-22Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
CVE-2018-5752High8.82018-06-16The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows…
CVE-2019-14226High8.12019-10-14OX App Suite through 7.10.2 has Insecure Permissions.
CVE-2019-11521High8.12019-08-20OX App Suite 7.10.1 allows Content Spoofing.
CVE-2014-5238High7.82020-01-14XML external entity (XXE) vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev11 and 7.6.x before 7.6.0-rev9 allows remote attackers to read arbitrary…
CVE-2023-26454High7.62023-11-02Requests to fetch image metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least acces…
CVE-2023-26453High7.62023-11-02Requests to cache an image could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least access to a…
CVE-2023-26452High7.62023-11-02Requests to cache an image and return its metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requi…
CVE-2020-8543High7.52020-06-16OX App Suite through 7.10.3 has Improper Input Validation.
CVE-2014-5236High7.52020-01-31Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allow remot…
CVE-2019-7159High7.52019-06-18OX App Suite 7.10.1 and earlier allows Information Exposure.
CVE-2017-5211High7.52019-05-23Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.