open-xchange

272 tracked vulnerabilities.

CVE-2015-7385
Open-Xchange OX Guard < 2.0.0 - Cross-Site Scripting via PGP Public Key UID Field
Nov 19, 2015
EPSS 0.00
CVE-2015-5375
Open-Xchange Server/OX App Suite <6.22.8-rev8-7.6.2-rev20 - XSS
Sep 28, 2015
EPSS 0.00
CVE-2014-5236 HIGH
Open-Xchange AppSuite < 7.4.2-rev10 and 7.6.x < 7.6.0-rev10 - Path Traversal via OpenDocument File
Jan 31, 2020
CVSS 7.5
EPSS 0.07
CVE-2014-5238 HIGH
Open-Xchange AppSuite < 7.4.2-rev11 and 7.6.x < 7.6.0-rev9 - XXE via OpenDocument Text Document
Jan 14, 2020
CVSS 7.8
EPSS 0.00
CVE-2014-2078 MEDIUM
Open-Xchange OX AppSuite <7.4.2-rev9 - Info Disclosure
Apr 10, 2018
CVSS 5.3
EPSS 0.00
CVE-2014-9466
Open-Xchange (OX) AppSuite & Server <7.4.2-rev42, 7.6.0 <7.6.0-rev3...
Feb 17, 2015
EPSS 0.00
CVE-2014-8993
Open-Xchange (OX) AppSuite <7.4.2-rev40, <7.6.0-rev32, <7.6.1-rev11...
Jan 07, 2015
EPSS 0.00
CVE-2014-1679
Open-Xchange AppSuite < 7.2.2 - Cross-Site Scripting via SVG File Header
Jan 05, 2015
EPSS 0.00
CVE-2014-5237
Open-Xchange AppSuite < 7.4.2-rev10 and 7.6.x < 7.6.0-rev10 - Server-Side Request Forgery via Document Image Preview
Dec 01, 2014
EPSS 0.00
CVE-2014-7871
Open-Xchange AppSuite < 7.4.2-rev36 and 7.6.x < 7.6.0-rev23 - Authenticated SQL Injection via jslob API
Nov 21, 2014
EPSS 0.00
CVE-2014-5235
Open-Xchange AppSuite < 7.4.2-rev33 and 7.6.x < 7.6.0-rev16 - Cross-Site Scripting via RSS Feed Fields
Sep 17, 2014
EPSS 0.00
CVE-2014-5234
Open-Xchange AppSuite < 7.4.2-rev33 and 7.6.x < 7.6.0-rev16 - Cross-Site Scripting via Folder Publication Name
Sep 17, 2014
EPSS 0.00
CVE-2014-2393
Open-Xchange AppSuite <7.4.1-rev11, <7.4.2-rev13 - XSS
Apr 24, 2014
EPSS 0.00
CVE-2014-2392
Open-Xchange AppSuite <7.4.2 - Info Disclosure
Apr 24, 2014
EPSS 0.00
CVE-2014-2391
Open-Xchange AppSuite < 7.2.2 - Exposure of Sensitive Information via Password Recovery Service
Apr 24, 2014
EPSS 0.00
CVE-2014-2077
Open-Xchange (OX) AppSuite <7.4.1-rev10-7.4.2-rev8 - XSS
Mar 20, 2014
EPSS 0.00
CVE-2013-7486 MEDIUM
Open-Xchange (OX) AppSuite <7.2.2-rev27, <7.4.0-rev20 - XSS
Jan 02, 2020
CVSS 6.1
EPSS 0.01
CVE-2013-7485 MEDIUM
Open-Xchange (OX) AppSuite <7.2.2-rev26 & <7.4.0-rev16 - XSS
Jan 02, 2020
CVSS 6.1
EPSS 0.01
CVE-2013-6242 MEDIUM
Open-Xchange AppSuite 6.22.3-6.22.4 - Cross-Site Scripting via Email Subject
Jan 02, 2020
CVSS 6.1
EPSS 0.01
CVE-2013-6241
Open-Xchange AppSuite 7.2.x < 7.2.2-rev25 and 7.4.x < 7.4.0-rev14 - Sensitive Information Exposure via Birthday Widget
Dec 27, 2014
EPSS 0.00
CVE-2013-7143
Open-Xchange OX AppSuite 7.4.1 - XSS
Jan 26, 2014
EPSS 0.00
CVE-2013-7142
Open-Xchange OX AppSuite <7.4.1 - XSS
Jan 26, 2014
EPSS 0.00
CVE-2013-7141
Open-Xchange OX AppSuite <7.4.1 - XSS
Jan 26, 2014
EPSS 0.00
CVE-2013-7140
Open-Xchange OX AppSuite <7.4.1 - XXE
Jan 26, 2014
EPSS 0.00
CVE-2013-6997
Open-Xchange AppSuite <= 7.4.0 - Cross-Site Scripting via HTML Email CSS or Office Document Hyperlinks
Jan 09, 2014
EPSS 0.00
Products
open-xchange_appsuite 157 ox_app_suite 48 dovecot 16 open-xchange_appsuite_backend 14 open-xchange_server 13 ox_guard 11 open-xchange_appsuite_frontend 8 open-xchange_appsuite_office 4 open-xchange_documents 3 app_suite 2 open-xchange 2 documentconverter-api 1 office_web 1 ox_cloud 1
Quick Filters
Critical CVEs With Exploits In CISA KEV