CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/03/03 12:0 a.m.•3 views

PT-2026-22809

Name of the Vulnerable Software and Affected Versions FreeScout versions 1.8.206 and earlier Description FreeScout is susceptible to remote code execution RCE vulnerabilities CVE-2026-27636 and CVE-2026-28289. CVE-2026-27636 allows authenticated users with file upload permissions to execute code ...

10CVSS8AI score0.17266EPSS

Exploits4References39

RedhatCVE•added 2026/01/09 12:19 p.m.•5 views

CVE-2018-10986

OX Guard 2.8.0 has CSRF...

8.8CVSS7AI score0.00167EPSS

RedhatCVE•added 2026/01/09 11:28 a.m.•4 views

CVE-2021-33493

The middleware component in OX App Suite through 7.10.5 allows Code Injection via Java classes in a YAML format...

6CVSS7.3AI score0.00202EPSS

RedhatCVE•added 2026/01/09 11:28 a.m.•4 views

CVE-2021-33495

OX App Suite 7.10.5 allows XSS via an OX Chat system message...

6.1CVSS5.8AI score0.00412EPSS

RedhatCVE•added 2026/01/09 11:27 a.m.•6 views

CVE-2021-33491

OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive, because of the mishandling of relative paths in mail addresses in conjunction with auto-configuration DNS records...

6.5CVSS6.9AI score0.04366EPSS

RedhatCVE•added 2026/01/09 11:26 a.m.•3 views

CVE-2021-33492

OX App Suite 7.10.5 allows XSS via an OX Chat room name...

6.1CVSS5.8AI score0.00397EPSS

RedhatCVE•added 2026/01/09 11:26 a.m.•3 views

CVE-2021-33494

OX App Suite 7.10.5 allows XSS via an OX Chat room title during typing rendering...

6.1CVSS5.8AI score0.00397EPSS

RedhatCVE•added 2026/01/09 11:24 a.m.•5 views

CVE-2021-28094

OX Documents before 7.10.5-rev7 has Incorrect Access Control for converted documents because hash collisions can occur, due to use of CRC32...

6.5CVSS7AI score0.00134EPSS

RedhatCVE•added 2026/01/09 11:24 a.m.•2 views

CVE-2021-31934

OX App Suite 7.10.4 and earlier allows XSS via a crafted contact object payload in the position or company field that is mishandled in the App Suite UI on a smartphone...

6.1CVSS6AI score0.00174EPSS

RedhatCVE•added 2026/01/09 11:23 a.m.•2 views

CVE-2021-31935

OX App Suite 7.10.4 and earlier allows XSS via a crafted distribution list payload in the common name that is mishandled in the scheduling view...

6.1CVSS6AI score0.00174EPSS

RedhatCVE•added 2026/01/09 10:55 a.m.•5 views

CVE-2022-23101

OX App Suite through 7.10.6 allows XSS via appHandler in a deep link in an e-mail message...

6.1CVSS5.8AI score0.00399EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:55 a.m.•6 views

CVE-2022-23099

OX App Suite through 7.10.6 allows XSS by forcing block-wise read...

5.4CVSS6.1AI score0.00548EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:53 a.m.•5 views

CVE-2022-23100

OX App Suite through 7.10.6 allows OS Command Injection via Documentconverter e.g., through an email attachment...

9.8CVSS7.4AI score0.08004EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:50 a.m.•1 views

CVE-2022-37311

OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large location request parameter to the redirect servlet...

5.3CVSS6.9AI score0.00859EPSS

RedhatCVE•added 2026/01/09 10:49 a.m.•4 views

CVE-2022-37307

OX App Suite through 7.10.6 allows XSS via XHTML CDATA for a snippet, as demonstrated by the onerror attribute of an IMG element within an e-mail signature...

6.1CVSS6.2AI score0.01122EPSS

RedhatCVE•added 2026/01/09 10:49 a.m.•2 views

CVE-2022-37312

OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large request body containing a redirect URL to the deferrer servlet...

5.3CVSS6.9AI score0.00859EPSS

RedhatCVE•added 2026/01/09 10:48 a.m.•4 views

CVE-2022-31469

OX App Suite through 7.10.6 allows XSS via a deep link, as demonstrated by class="deep-link-app" for a /!!=%2e./ URI...

6.1CVSS5.8AI score0.00832EPSS