Open-xchange Open-xchange_appsuite
157 CVEs affecting Open-xchange Open-xchange_appsuite. Latest disclosed: 2024-02-12. Critical: 7, High: 16.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-13667 | Critical | 9.9 | 2019-05-23 | OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF. |
CVE-2020-12645 | Critical | 9.8 | 2020-08-31 | OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory c… |
CVE-2019-7158 | Critical | 9.8 | 2019-06-17 | OX App Suite 7.10.0 and earlier has Incorrect Access Control. |
CVE-2017-5212 | Critical | 9.8 | 2019-05-23 | Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control. |
CVE-2017-5210 | Critical | 9.8 | 2019-05-23 | Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Information Exposure. |
CVE-2017-17060 | Critical | 9.8 | 2019-05-23 | OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure Permissions. |
CVE-2017-5863 | Critical | 9.8 | 2019-05-22 | Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control. |
CVE-2017-8340 | High | 8.8 | 2019-05-22 | Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control. |
CVE-2017-6912 | High | 8.8 | 2019-05-22 | Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control. |
CVE-2018-5752 | High | 8.8 | 2018-06-16 | The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows… |
CVE-2019-14226 | High | 8.1 | 2019-10-14 | OX App Suite through 7.10.2 has Insecure Permissions. |
CVE-2019-11521 | High | 8.1 | 2019-08-20 | OX App Suite 7.10.1 allows Content Spoofing. |
CVE-2014-5238 | High | 7.8 | 2020-01-14 | XML external entity (XXE) vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev11 and 7.6.x before 7.6.0-rev9 allows remote attackers to read arbitrary… |
CVE-2023-26454 | High | 7.6 | 2023-11-02 | Requests to fetch image metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least acces… |
CVE-2023-26453 | High | 7.6 | 2023-11-02 | Requests to cache an image could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requires at least access to a… |
CVE-2023-26452 | High | 7.6 | 2023-11-02 | Requests to cache an image and return its metadata could be abused to include SQL queries that would be executed unchecked. Exploiting this vulnerability requi… |
CVE-2020-8543 | High | 7.5 | 2020-06-16 | OX App Suite through 7.10.3 has Improper Input Validation. |
CVE-2014-5236 | High | 7.5 | 2020-01-31 | Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allow remot… |
CVE-2019-7159 | High | 7.5 | 2019-06-18 | OX App Suite 7.10.1 and earlier allows Information Exposure. |
CVE-2017-5211 | High | 7.5 | 2019-05-23 | Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing. |