CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Open-xchange : Security Vulnerabilities Published In 2019

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-11806 275 2019-08-20 2019-08-26
2.1
None Local Low Not required Partial None None
OX App Suite 7.10.1 and earlier has Insecure Permissions.
2 CVE-2019-11522 79 XSS 2019-08-20 2019-08-23
3.5
None Remote Medium Single system None Partial None
OX App Suite 7.10.0 to 7.10.2 allows XSS.
3 CVE-2019-11521 20 2019-08-20 2019-08-28
5.8
None Remote Medium Not required Partial Partial None
OX App Suite 7.10.1 allows Content Spoofing.
4 CVE-2019-7159 200 +Info 2019-06-18 2019-06-18
5.0
None Remote Low Not required Partial None None
OX App Suite 7.10.1 and earlier allows Information Exposure.
5 CVE-2019-7158 284 2019-06-17 2019-06-18
7.5
None Remote Low Not required Partial Partial Partial
OX App Suite 7.10.0 and earlier has Incorrect Access Control.
6 CVE-2018-10986 352 CSRF 2019-07-03 2019-07-05
6.8
None Remote Medium Not required Partial Partial Partial
OX Guard 2.8.0 has CSRF.
7 CVE-2017-17061 79 XSS 2019-05-23 2019-05-23
3.5
None Remote Medium Single system None Partial None
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
8 CVE-2017-17060 275 2019-05-23 2019-05-23
7.5
None Remote Low Not required Partial Partial Partial
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure Permissions.
9 CVE-2017-15030 79 XSS 2019-05-23 2019-05-23
4.3
None Remote Medium Not required None Partial None
Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
10 CVE-2017-15029 918 2019-05-23 2019-05-23
4.0
None Remote Low Single system None Partial None
Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF.
11 CVE-2017-13668 79 XSS 2019-05-23 2019-05-23
3.5
None Remote Medium Single system None Partial None
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
12 CVE-2017-13667 918 2019-05-23 2019-05-28
6.5
None Remote Low Single system Partial Partial Partial
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF.
13 CVE-2017-12885 79 XSS 2019-05-10 2019-05-10
4.3
None Remote Medium Not required None Partial None
OX Software GmbH App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
14 CVE-2017-12884 200 +Info 2019-05-10 2019-05-10
5.0
None Remote Low Not required Partial None None
OX Software GmbH App Suite 7.8.4 and earlier is affected by: Information Exposure.
15 CVE-2017-9809 200 +Info 2019-05-22 2019-05-23
5.0
None Remote Low Not required Partial None None
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure.
16 CVE-2017-9808 79 XSS 2019-05-22 2019-05-23
4.3
None Remote Medium Not required None Partial None
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
17 CVE-2017-8777 285 2019-05-22 2019-05-23
6.5
None Remote Low Single system Partial Partial Partial
Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is affected by: Missing Authorization.
18 CVE-2017-8341 20 2019-05-22 2019-05-23
5.0
None Remote Low Not required None Partial None
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.
19 CVE-2017-8340 284 2019-05-22 2019-05-23
6.5
None Remote Low Single system Partial Partial Partial
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
20 CVE-2017-6912 284 2019-05-22 2019-05-23
6.5
None Remote Low Single system Partial Partial Partial
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
21 CVE-2017-5864 79 XSS 2019-05-22 2019-05-23
4.3
None Remote Medium Not required None Partial None
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).
22 CVE-2017-5863 284 2019-05-22 2019-05-23
7.5
None Remote Low Not required Partial Partial Partial
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
23 CVE-2017-5213 79 XSS 2019-05-23 2019-05-23
4.3
None Remote Medium Not required None Partial None
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).
24 CVE-2017-5212 284 2019-05-23 2019-05-23
7.5
None Remote Low Not required Partial Partial Partial
Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control.
25 CVE-2017-5211 20 2019-05-23 2019-05-23
5.0
None Remote Low Not required None Partial None
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.
26 CVE-2017-5210 200 +Info 2019-05-23 2019-05-23
5.0
None Remote Low Not required Partial None None
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Information Exposure.
Total number of vulnerabilities : 26   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.