Lucene search
K

34 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:53 a.m.8 views

CVE-2022-23100

OX App Suite through 7.10.6 allows OS Command Injection via Documentconverter e.g., through an email attachment...

9.8CVSS7.4AI score0.0305EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-29298

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00855EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-28205

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.0305EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-29297

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.03199EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:47 p.m.5 views

CVE-2022-29851

documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file conversion may occur for an EPS document that is disguised as a PDF document...

9.8CVSS7.4AI score0.03596EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:31 p.m.9 views

CVE-2022-24405

OX App Suite through 7.10.6 allows OS Command Injection via a serialized Java class to the Documentconverter API...

9.8CVSS7.3AI score0.03199EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:30 p.m.18 views

CVE-2022-24406

OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls...

6.5CVSS7.2AI score0.00855EPSS
Exploits1References1
CVE
CVE
added 2022/10/24 8:35 p.m.68 views

CVE-2022-29851

CVE-2022-29851 affects Open-Xchange OX App Suite up to v7.10.6. In a non-default configuration using ghostscript, documentconverter can perform OS command injection when converting an EPS file masquerading as a PDF. The vulnerability is tied to the EPS→PDF conversion path and non-default ghostscr...

9.8CVSS9.6AI score0.03596EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/10/24 8:35 p.m.16 views

CVE-2022-29851

documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file conversion may occur for an EPS document that is disguised as a PDF document...

9.8CVSS7.3AI score0.03596EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/27 2:15 p.m.8 views

CVE-2022-24406

OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls...

6.5CVSS6.6AI score0.00855EPSS
Exploits1References3
NVD
NVD
added 2022/07/27 2:15 p.m.48 views

CVE-2022-24406

OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls...

6.5CVSS0.00855EPSS
Exploits1References2
NVD
NVD
added 2022/07/27 2:15 p.m.30 views

CVE-2022-24405

OX App Suite through 7.10.6 allows OS Command Injection via a serialized Java class to the Documentconverter API...

9.8CVSS0.03199EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/07/27 2:15 p.m.6 views

CVE-2022-24405

OX App Suite through 7.10.6 allows OS Command Injection via a serialized Java class to the Documentconverter API...

9.8CVSS7.3AI score0.03199EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/07/27 2:15 p.m.6 views

CVE-2022-23100

OX App Suite through 7.10.6 allows OS Command Injection via Documentconverter e.g., through an email attachment...

9.8CVSS5.8AI score0.0305EPSS
Exploits1References3
NVD
NVD
added 2022/07/27 2:15 p.m.19 views

CVE-2022-23100

OX App Suite through 7.10.6 allows OS Command Injection via Documentconverter e.g., through an email attachment...

9.8CVSS0.0305EPSS
Exploits1References2
Prion
Prion
added 2022/07/27 2:15 p.m.20 views

Sql injection

OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls...

4CVSS6.6AI score0.00855EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/07/27 2:15 p.m.20 views

Command injection

OX App Suite through 7.10.6 allows OS Command Injection via a serialized Java class to the Documentconverter API...

7.5CVSS9.5AI score0.03199EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2022/07/27 2:15 p.m.22 views

Command injection

OX App Suite through 7.10.6 allows OS Command Injection via Documentconverter e.g., through an email attachment...

7.5CVSS9.7AI score0.0305EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/07/27 1:40 p.m.689 views

CVE-2022-24406

OX App Suite (Open-Xchange) up to version 7.10.6 is affected by an SSRF flaw where predictable multipart/form-data boundaries allow an attacker to inject into internal Documentconverter API calls. This can enable manipulation of internal API parameters and potentially compromise internal componen...

6.5CVSS6.6AI score0.00855EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/07/27 1:40 p.m.25 views

CVE-2022-24406

OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls...

6.5CVSS7.1AI score0.00855EPSS
Exploits1References4
Rows per page
Query Builder