Export limit exceeded: 334636 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (194 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2018-5752 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors involving non-decimal representations of IP addresses and special IPv6 related addresses.
CVE-2018-5751 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote authenticated users to obtain sensitive information about external guest users via vectors related to the "groups" and "users" APIs.
CVE-2018-13104 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
OX App Suite 7.8.4 and earlier allows XSS. Internal reference: 58742 (Bug ID)
CVE-2018-13103 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
OX App Suite 7.8.4 and earlier allows SSRF.
CVE-2018-12611 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
OX App Suite 7.8.4 and earlier allows Directory Traversal.
CVE-2018-12610 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
OX App Suite 7.8.4 and earlier allows Information Exposure.
CVE-2018-12609 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery.
CVE-2017-9809 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure.
CVE-2017-9808 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
CVE-2017-8341 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.
CVE-2017-8340 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
CVE-2017-6913 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail before 7.6.3-rev28 allows remote attackers to inject arbitrary web script or HTML via the event attribute in a time tag.
CVE-2017-6912 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
CVE-2017-5864 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).
CVE-2017-5863 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
CVE-2017-5213 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).
CVE-2017-5212 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control.
CVE-2017-5211 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.
CVE-2017-5210 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Information Exposure.
CVE-2017-17062 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 N/A
The backend component in Open-Xchange OX App Suite before 7.6.3-rev35, 7.8.x before 7.8.2-rev38, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privilege management.