41 matches found
CVE-2018-14733
The Odoo Community Association OCA dbfilterfromheader module makes Odoo 8.x, 9.x, 10.x, and 11.x vulnerable to ReDoS regular expression denial of service under certain circumstances...
EUVD-2018-6741
Malware in sbrugna...
EUVD-2018-6742
Malware in sbrugna...
EUVD-2018-6619
Malware in sbrugna...
EUVD-2018-7505
Malware in sbrugna...
EUVD-2018-7509
Malware in sbrugna...
EUVD-2017-14946
Malware in sbrugna...
EUVD-2021-31580
Malicious code in bioql PyPI...
EUVD-2024-53096
Malicious code in bioql PyPI...
EUVD-2021-31297
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-23203
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in reporting engine of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to download PDF...
Linux Distros Unpatched Vulnerability : CVE-2021-44465
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allows authenticated attackers to subscribe to receive future...
Linux Distros Unpatched Vulnerability : CVE-2021-44460
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allows users with deactivated accounts to access the system with...
CVE-2021-23166
A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to read and write local files on the server...
CVE-2017-5871
Odoo Version = 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is: obtain sensitive information remote...
CVE-2018-15634
Cross-site scripting XSS issue in attachment management in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via a crafted link...
CVE-2018-14865
Report engine in Odoo Community 9.0 through 11.0 and earlier and Odoo Enterprise 9.0 through 11.0 and earlier does not use secure options when passing documents to wkhtmltopdf, which allows remote attackers to read local files...
PT-2023-16981 · Odoo · Odoo
Name of the Vulnerable Software and Affected Versions: Odoo affected versions not specified Description: The issue concerns getting the Content Type right in Odoo. There is no information about the estimated number of potentially affected devices worldwide or real-world incidents where this issue...
CVE-2021-26263
Cross-site scripting XSS issue in Discuss app of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to inject arbitrary web script in the browser of a victim, by posting crafted contents...
UBUNTU-CVE-2021-44460
Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allows users with deactivated accounts to access the system with the deactivated account and any permission it still holds, via crafted RPC requests...