1. Home
  2. CVEs with refmap.fulldisc==20180608 Open-Xchange Security Advisory 2018-06-08
Max CVSS 7.1 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-5756 4.0
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 does not properly check for folder-to-object association, which allows remote authenticated users
03-10-2019 - 00:03 16-06-2018 - 01:29
CVE-2017-17062 4.0
The backend component in Open-Xchange OX App Suite before 7.6.3-rev35, 7.8.x before 7.8.2-rev38, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privile
03-10-2019 - 00:03 16-06-2018 - 01:29
CVE-2018-5755 7.1
Absolute path traversal vulnerability in the readerengine component in Open-Xchange OX App Suite before 7.6.3-rev3, 7.8.x before 7.8.2-rev4, 7.8.3 before 7.8.3-rev5, and 7.8.4 before 7.8.4-rev4 allows remote attackers to read arbitrary files via a fu
03-08-2018 - 18:28 16-06-2018 - 01:29
CVE-2018-5753 4.0
The frontend component in Open-Xchange OX App Suite before 7.6.3-rev31, 7.8.x before 7.8.2-rev31, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev20 allows remote attackers to spoof the origin of e-mails via unicode characters in the "personal pa
03-08-2018 - 18:19 16-06-2018 - 01:29
CVE-2018-5752 6.5
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors involvin
03-08-2018 - 17:09 16-06-2018 - 01:29
CVE-2018-5751 4.0
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote authenticated users to obtain sensitive information about external guest users via v
03-08-2018 - 17:06 16-06-2018 - 01:29
CVE-2018-5754 3.5
Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite before 7.8.3-rev12 and 7.8.4 before 7.8.4-rev9 allows remote attackers to inject arbitrary web script or HTML via a crafted presentation file, related t
02-08-2018 - 19:42 16-06-2018 - 01:29
Back to Top Mark selected
Back to Top