1781 matches found
EUVD-2022-52239
Malicious code in bioql PyPI...
EUVD-2025-7227
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-16907
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action. CVE-2017-16907 Note that Nessus relies on the presence of t...
Linux Distros Unpatched Vulnerability : CVE-2021-26929
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 where the HordeTextFilter library before 2.3.7 is used. The attacker can send a...
Linux Distros Unpatched Vulnerability : CVE-2022-30287
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to...
Linux Distros Unpatched Vulnerability : CVE-2017-14650
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Remote Code Execution vulnerability has been found in the HordeImage library when using the Im backend that utilizes ImageMagick's convert utility. It's not...
Linux Distros Unpatched Vulnerability : CVE-2020-8866
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This vulnerability allows remote attackers to create arbitrary files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is...
Linux Distros Unpatched Vulnerability : CVE-2025-30349
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Horde IMP through 6.2.27, as used with Horde Application Framework through 5.2.23, allows XSS that leads to account takeover via a crafted text/html e-mail...
Linux Distros Unpatched Vulnerability : CVE-2020-8034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting XSS vulnerability vi...
Linux Distros Unpatched Vulnerability : CVE-2017-16908
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising...
Linux Distros Unpatched Vulnerability : CVE-2020-8035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting XSS vulnerability via an SVG image...
Linux Distros Unpatched Vulnerability : CVE-2017-9773
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Denial of Service was found in HordeImage 2.x before 2.5.0 via a crafted URL to the Null image driver. CVE-2017-9773 Note that Nessus relies on the presence of...
Linux Distros Unpatched Vulnerability : CVE-2019-12094
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin/user.php?form=updatef&username= or admin/user.php?form=removef&username= or...
Linux Distros Unpatched Vulnerability : CVE-2017-7413
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In HordeCrypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde...
Linux Distros Unpatched Vulnerability : CVE-2019-12095
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to th...
Linux Distros Unpatched Vulnerability : CVE-2016-5303
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition before 5.2.16 allows remote attackers...
Linux Distros Unpatched Vulnerability : CVE-2019-9858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Remote code execution was discovered in Horde Groupware Webmail 5.2.22 and 5.2.17. Horde/Form/Type.php contains a vulnerable class that handles image upload in...
Linux Distros Unpatched Vulnerability : CVE-2017-9774
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Remote Code Execution was found in HordeImage 2.x before 2.5.0 via a crafted GET request. Exploitation requires authentication. CVE-2017-9774 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2017-16906
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a Calendar - New Event action. CVE-2017-16906 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2013-6365
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions CVE-2013-6365 Note that Nessus relies on the presence of the package as reported by...