Lucene search
K

968 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:28 a.m.22 views

CVE-2021-33493

The middleware component in OX App Suite through 7.10.5 allows Code Injection via Java classes in a YAML format...

6CVSS7.3AI score0.00479EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:28 a.m.17 views

CVE-2021-33495

OX App Suite 7.10.5 allows XSS via an OX Chat system message...

6.1CVSS5.8AI score0.01092EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:27 a.m.15 views

CVE-2021-33491

OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive, because of the mishandling of relative paths in mail addresses in conjunction with auto-configuration DNS records...

6.5CVSS6.9AI score0.02435EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:26 a.m.20 views

CVE-2021-33492

OX App Suite 7.10.5 allows XSS via an OX Chat room name...

6.1CVSS5.8AI score0.01113EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:26 a.m.7 views

CVE-2021-33494

OX App Suite 7.10.5 allows XSS via an OX Chat room title during typing rendering...

6.1CVSS5.8AI score0.01113EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:24 a.m.5 views

CVE-2021-31934

OX App Suite 7.10.4 and earlier allows XSS via a crafted contact object payload in the position or company field that is mishandled in the App Suite UI on a smartphone...

6.1CVSS6AI score0.00944EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:23 a.m.3 views

CVE-2021-31935

OX App Suite 7.10.4 and earlier allows XSS via a crafted distribution list payload in the common name that is mishandled in the scheduling view...

6.1CVSS6AI score0.00944EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:55 a.m.8 views

CVE-2022-23101

OX App Suite through 7.10.6 allows XSS via appHandler in a deep link in an e-mail message...

6.1CVSS5.8AI score0.00606EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:55 a.m.9 views

CVE-2022-23099

OX App Suite through 7.10.6 allows XSS by forcing block-wise read...

5.4CVSS6.1AI score0.00573EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:53 a.m.7 views

CVE-2022-23100

OX App Suite through 7.10.6 allows OS Command Injection via Documentconverter e.g., through an email attachment...

9.8CVSS7.4AI score0.0305EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.5 views

CVE-2022-37311

OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large location request parameter to the redirect servlet...

5.3CVSS6.9AI score0.00916EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.6 views

CVE-2022-37307

OX App Suite through 7.10.6 allows XSS via XHTML CDATA for a snippet, as demonstrated by the onerror attribute of an IMG element within an e-mail signature...

6.1CVSS6.2AI score0.00538EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.4 views

CVE-2022-37312

OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large request body containing a redirect URL to the deferrer servlet...

5.3CVSS6.9AI score0.00916EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.6 views

CVE-2022-31469

OX App Suite through 7.10.6 allows XSS via a deep link, as demonstrated by class="deep-link-app" for a /!!=%2e./ URI...

6.1CVSS5.8AI score0.00538EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:46 a.m.16 views

CVE-2022-31468

OX App Suite through 8.2 allows XSS via an attachment or OX Drive content when a client uses the len or off parameter...

6.1CVSS5.9AI score0.00476EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:10 a.m.9 views

CVE-2019-11521

OX App Suite 7.10.1 allows Content Spoofing...

8.1CVSS6.9AI score0.01683EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:9 a.m.7 views

CVE-2019-11806

OX App Suite 7.10.1 and earlier has Insecure Permissions...

3.3CVSS7AI score0.00387EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:57 a.m.8 views

CVE-2020-12644

OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API...

5CVSS6.9AI score0.00685EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:55 a.m.6 views

CVE-2020-12645

OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption...

9.8CVSS6.9AI score0.01075EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.4 views

CVE-2020-24700

OX App Suite through 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names with an initial autoconfig. substring...

5.5CVSS7AI score0.01233EPSS
Exploits3References1
Rows per page
Query Builder