Latest vulnerabilities for "open-xchange app suite backend"

5.4

First published (updated )

CVE-2023-41708

Open-Xchange App Suite BackendProcessing time of drive search expressions now gets monitored, and the related request is terminate…

6.5

First published (updated )

CVE-2023-41706

Open-Xchange App Suite BackendProcessing of user-defined mail search expressions is not limited. Availability of OX App Suite coul…

6.5

First published (updated )

CVE-2023-41707

Open-Xchange App Suite BackendProcessing of user-defined DAV user-agent strings is not limited. Availability of OX App Suite could…

6.5

First published (updated )

CVE-2023-41705

Open-Xchange App Suite BackendXSS

7.1

First published (updated )

CVE-2023-41704

Never miss a vulnerability like this again

Open-Xchange App Suite BackendXSS

6.1

First published (updated )

CVE-2023-41703

Open-Xchange App Suite BackendSQL Injection

7.3

First published (updated )

CVE-2023-29047

Open-Xchange App Suite BackendConnections to external data sources, like e-mail autoconfiguration, were not terminated in case the…

4.3

First published (updated )

CVE-2023-29046

Open-Xchange App Suite BackendXSS

5.4

First published (updated )

CVE-2023-29045

Open-Xchange App Suite BackendXSS

5.4

First published (updated )

CVE-2023-29044

Never miss a vulnerability like this again

Open-Xchange App Suite BackendXSS

6.1

First published (updated )

CVE-2023-29043

Open-Xchange App Suite BackendRMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. Attackers wit…

7.8

First published (updated )

CVE-2023-26455

Open-Xchange App Suite BackendSQL Injection

8.8

First published (updated )

CVE-2023-26454

Open-Xchange App Suite BackendSQL Injection

8.8

First published (updated )

CVE-2023-26453

Open-Xchange App Suite BackendSQL Injection

8.8

First published (updated )

CVE-2023-26452

Never miss a vulnerability like this again

Open-Xchange App Suite BackendFunctions with insufficient randomness were used to generate authorization tokens of the integrated …

7.5

First published (updated )

CVE-2023-26451

Open-Xchange App Suite BackendSQL Injection

critical

9.8

First published (updated )

CVE-2023-26443

Open-Xchange App Suite BackendSSRF

4.3

First published (updated )

CVE-2023-26438

Open-Xchange App Suite BackendCommand Injection

4.3

First published (updated )

CVE-2023-26430

Open-Xchange App Suite BackendCode Injection

8.8

First published (updated )

CVE-2023-26436

Never miss a vulnerability like this again

Open-Xchange App Suite BackendSSRF

First published (updated )

CVE-2023-26435

Open-Xchange App Suite BackendWhen adding an external mail account, processing of POP3 "capabilities" responses are not limited to…

4.3

First published (updated )

CVE-2023-26434

Open-Xchange App Suite BackendWhen adding an external mail account, processing of IMAP "capabilities" responses are not limited to…

4.3

First published (updated )

CVE-2023-26433

Open-Xchange App Suite BackendWhen adding an external mail account, processing of SMTP "capabilities" responses are not limited to…

4.3

First published (updated )

CVE-2023-26432

Open-Xchange App Suite BackendSSRF

First published (updated )

CVE-2023-26431

Never miss a vulnerability like this again

Open-Xchange App Suite BackendCommand Injection

5.3

First published (updated )

CVE-2023-26429

Open-Xchange App Suite BackendAttackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other users…

6.5

First published (updated )

CVE-2023-26428

Open-Xchange App Suite BackendDefault permissions for a properties file were too permissive. Local system users could read potenti…

low

3.3

First published (updated )

CVE-2023-26427

Open-Xchange App Suite BackendXSS

6.1

First published (updated )

CVE-2022-37309

Open-Xchange App Suite BackendXSS

6.1

First published (updated )

CVE-2022-37310

Never miss a vulnerability like this again