Lucene search
+L

402 matches found

nessus
nessus
added 2026/07/10 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-39179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the newPassword parameter in the password...

6.3CVSS7.3AI score0.00157EPSS
Exploits0References3
nessus
nessus
added 2026/07/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-39178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the search parameter of the...

6.3CVSS7.3AI score0.00157EPSS
Exploits0References3
euvd
euvd
added 2026/07/09 12:31 a.m.5 views

EUVD-2026-42500

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the newPassword parameter in the password change functionality...

6.3CVSS7.5AI score0.00157EPSS
Exploits0References3
euvd
euvd
added 2026/07/09 12:31 a.m.6 views

EUVD-2026-42499

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the search parameter of the allContactSearch endpoint...

6.3CVSS7.5AI score0.00157EPSS
Exploits0References3
osv
osv
added 2026/07/08 10:17 p.m.2 views

DEBIAN-CVE-2026-39179

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the newPassword parameter in the password change functionality...

6.3CVSS7.2AI score0.00157EPSS
Exploits0References1
osv
osv
added 2026/07/08 10:17 p.m.3 views

DEBIAN-CVE-2026-39178

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the search parameter of the allContactSearch endpoint...

6.3CVSS7.2AI score0.00157EPSS
Exploits0References1
nvd
nvd
added 2026/07/08 10:17 p.m.7 views

CVE-2026-39178

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the search parameter of the allContactSearch endpoint...

6.3CVSS0.00157EPSS
Exploits0References2
nvd
nvd
added 2026/07/08 10:17 p.m.10 views

CVE-2026-39179

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the newPassword parameter in the password change functionality...

6.3CVSS0.00157EPSS
Exploits0References2
osv
osv
added 2026/07/08 10:17 p.m.5 views

UBUNTU-CVE-2026-39179

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the newPassword parameter in the password change functionality...

6.3CVSS7.2AI score0.00157EPSS
Exploits0References4
osv
osv
added 2026/07/08 10:17 p.m.4 views

UBUNTU-CVE-2026-39178

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the search parameter of the allContactSearch endpoint...

6.3CVSS6.3AI score0.00157EPSS
Exploits0References4
cvelist
cvelist
added 2026/07/08 12:0 a.m.29 views

CVE-2026-39179

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the newPassword parameter in the password change functionality...

0.00157EPSS
Exploits0References2
cvelist
cvelist
added 2026/07/08 12:0 a.m.28 views

CVE-2026-39178

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the search parameter of the allContactSearch endpoint...

0.00157EPSS
Exploits0References2
cve
cve
added 2026/07/08 12:0 a.m.8 views

CVE-2026-39178

The CVE-2026-39178 issue affects SOGo up to version 5.12.6, where the contact search component exposes a SQL injection via the allContactSearch endpoint’s search parameter. The root cause is insufficient protection of the SQL query structure, enabling authenticated users to execute arbitrary SQL ...

6.3CVSS7.5AI score0.00157EPSS
Exploits0References2
cve
cve
added 2026/07/08 12:0 a.m.6 views

CVE-2026-39179

SOGo

6.3CVSS7.5AI score0.00157EPSS
Exploits0References2
osv
osv
added 2026/07/08 12:0 a.m.3 views

CVE-2026-39178

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the search parameter of the allContactSearch endpoint...

6.3CVSS7.2AI score0.00157EPSS
Exploits0References4
osv
osv
added 2026/07/08 12:0 a.m.3 views

CVE-2026-39179

A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the newPassword parameter in the password change functionality...

6.3CVSS7.2AI score0.00157EPSS
Exploits0References4
ubuntu
ubuntu
added 2026/07/05 11:1 p.m.12 views

USN-8504-1: SOGo vulnerabilities

It was discovered that SOGo did not properly sanitize categories used for events, tasks, and contacts. A remote authenticated attacker could possibly use this issue to perform cross-site scripting attacks. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu...

8.6CVSS6.5AI score0.00987EPSS
Exploits3
debian
debian
added 2026/06/29 6:30 p.m.7 views

[SECURITY] [DLA 4657-1] sogo security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4657-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb June 29, 2026 https://wiki.debian.org/LTS -...

8.6CVSS6AI score0.00316EPSS
Exploits0
nessus
nessus
added 2026/06/26 12:0 a.m.8 views

Debian dsa-6366 : sogo - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6366 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6366-1 [email protected] https://www.debian.org/securit...

8.6CVSS5.8AI score0.00398EPSS
Exploits0References16
debian
debian
added 2026/06/25 6:21 p.m.6 views

[SECURITY] [DSA 6366-1] sogo security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6366-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 25, 2026 https://www.debian.org/security/faq -...

8.6CVSS5.7AI score0.00398EPSS
Exploits0
Rows per page
Query Builder