CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2031 matches found

OSV•added 2024/06/07 4:15 a.m.•27 views

CVE-2024-37385

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on Windows allows command injection via imconvertpath and imidentifypath. NOTE: this issue exists because of an incomplete fix for CVE-2020-12641...

9.8CVSS7.5AI score

Exploits0References3

OSV•added 2024/06/07 4:15 a.m.•1 views

DEBIAN-CVE-2024-37384

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences...

6.1CVSS5AI score0.00498EPSS

Exploits0References1

OSV•added 2024/06/07 4:15 a.m.•26 views

CVE-2024-37383

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes...

6.1CVSS5.8AI score0.73296EPSS

Exploits5References5

OSV•added 2024/06/07 4:15 a.m.•1 views

DEBIAN-CVE-2024-37383

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes...

6.1CVSS7.2AI score0.73296EPSS

Exploits5References1

OSV•added 2024/06/07 4:15 a.m.•27 views

CVE-2024-37384

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences...

6.1CVSS5.8AI score

Exploits0References4

NVD•added 2024/06/07 4:15 a.m.•26 views

CVE-2024-37383

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes...

6.1CVSS0.73296EPSS

Exploits5References5

NVD•added 2024/06/07 4:15 a.m.•52 views

CVE-2024-37385

9.8CVSS0.01477EPSS

Exploits0References3

NVD•added 2024/06/07 4:15 a.m.•20 views

CVE-2024-37384

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences...

6.1CVSS0.00498EPSS

Exploits0References4

UbuntuCve•added 2024/06/07 4:15 a.m.•31 views

CVE-2024-37385

9.8CVSS5.8AI score0.01477EPSS

Exploits0References4

UbuntuCve•added 2024/06/07 4:15 a.m.•37 views

CVE-2024-37383

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes...

6.1CVSS7AI score0.73296EPSS

Exploits5References7

UbuntuCve•added 2024/06/07 4:15 a.m.•31 views

CVE-2024-37384

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences...

6.1CVSS5.8AI score0.00498EPSS

Exploits0References6

OSV•added 2024/06/07 4:15 a.m.•1 views

UBUNTU-CVE-2024-37384

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences...

6.1CVSS5.8AI score0.00498EPSS

Exploits0References7

OSV•added 2024/06/07 4:15 a.m.•0 views

UBUNTU-CVE-2024-37383

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via SVG animate attributes...

6.1CVSS7.3AI score0.73296EPSS

Exploits5References8

Vulnrichment•added 2024/06/07 3:24 a.m.•29 views

CVE-2024-37385

7.9AI score0.01477EPSS

Exploits0References3

CVE•added 2024/06/07 3:24 a.m.•142 views

CVE-2024-37385

Affected software: Roundcube Webmail on Windows. Vulnerability: command injection in im_convert_path and im_identify_path present in Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7, due to an incomplete fix for CVE-2020-12641. Impact (per CVSS): high confidentiality, integrity, and availabi...

9.8CVSS9.8AI score0.01477EPSS

Exploits0References3Affected Software1