21 matches found
Rocket TRUfusion Enterprise 安全漏洞
Rocket TRUfusion Enterprise is a product lifecycle management platform developed by the American company Rocket. Versions of Rocket TRUfusion Enterprise 7.10.5 and earlier contain security vulnerabilities. These vulnerabilities stem from improper cleaning of the jobDirectory parameter, which may...
EUVD-2021-31061
Malicious code in bioql PyPI...
CVE-2021-33489
OX App Suite through 7.10.5 allows XSS via JavaScript code in a shared XCF file...
curl 安全漏洞
curl is a cURL open source tool for transferring data from or to a server. A security vulnerability exists in curl versions 7.10.5 through 8.11.1 that stems from incorrectly closing the same eventfd file descriptor twice when closing the connection channel after completing threaded name resolutio...
Critical: Red Hat Security Advisory: Red Hat AMQ Broker 7.10.5 release and security update
Red Hat AMQ Broker 7.10.5 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2021-44209
OX App Suite through 7.10.5 allows XSS via an HTML 5 element such as AUDIO...
CVE-2021-44208
OX App Suite through 7.10.5 allows XSS via an unknown system message in Chat...
CVE-2021-44210
OX App Suite through 7.10.5 allows XSS via NIFF Notation Interchange File Format data...
Format string
OX App Suite through 7.10.5 allows XSS via NIFF Notation Interchange File Format data...
CVE-2021-44208
OX App Suite through 7.10.5 allows XSS via an unknown system message in Chat...
Open-xchange OX App Suite cross-site scripting vulnerability (CNVD-2022-28451)
Open-xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange Open-xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A security vulnerability exists in Open-xchange OX App Suite versions 7.10.5 and below, and no detailed...
Open-Xchange OX App Suite 跨站脚本漏洞
Open-xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange Open-xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A cross-site scripting vulnerability exists in Open-xchange OX App Suite version 7.10.5 and prior...
Open-xchange OX App Suite 跨站脚本漏洞
Open-xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange Open-xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A cross-site scripting vulnerability exists in OX App Suite version 7.10.5 and prior versions, no...
CVE-2021-33495
OX App Suite 7.10.5 allows XSS via an OX Chat system message...
CVE-2021-38378
OX App Suite 7.10.5 allows Information Exposure because a caching mechanism can caused a Modified By response to show a person's name...
CVE-2021-38376
The CVE describes an information-disclosure vulnerability in Open-Xchange OX App Suite (through 7.10.5) due to Incorrect Access Control in the rampup action of the login API, enabling retrieval of session information. Affected product: OX App Suite; component: login API rampup path; root cause: a...
CVE-2021-33488
OX App Suite 7.10.5 chat component has an input validation issue that can redirect a user to a rogue OX Chat server via a development-related hook. Affected product: OX App Suite (and OX Documents’s backend chat-related flow). Root cause: improper input validation in chat-related handling. Impact...
OX App Suite 7.10.5 Cross Site Scripting / Information Disclosure
Product: OX App Suite Vendor: OX Software GmbH Internal reference: OXUIB-872 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.5 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.3-rev30, 7.10.4-rev2...
OX App Suite / Ox Documents 7.10.x XSS / Code Injection / Traversal
Product: OX App Suite, OX Documents Vendor: OX Software GmbH Internal reference: MWB-993 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.5 and earlier Vulnerable component: backend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.3-rev35,...
CVE-2021-28095
OX Documents before 7.10.5-rev5 has Incorrect Access Control for documents that contain XML structures because hash collisions can occur, due to use of CRC32...