CVE-2017-12884

OX Software GmbH App Suite 7.8.4 and earlier is affected by: Information Exposure...

CVE-2017-12885

OX Software GmbH App Suite 7.8.4 and earlier is affected by: Cross Site Scripting XSS...

EUVD-2017-18723

Malware in sbrugna...

EUVD-2017-5184

Malware in sbrugna...

EUVD-2017-8228

Malware in sbrugna...

EUVD-2017-4409

Malware in sbrugna...

EUVD-2017-8227

Malware in sbrugna...

EUVD-2017-5185

Malware in sbrugna...

CVE-2017-9809

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure...

CVE-2017-13667

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF...

CVE-2017-13668

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting XSS...

CVE-2017-17061

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting XSS...

CVE-2017-9808

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting XSS...

OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption

Product: OX App Suite Vendor: OX Software GmbH Internal reference: OXUIB-1654 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.6 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.5-rev37, 7.10.6-rev...

OX App Suite / OX Documents 7.10.x XSS / SSRF

Product: OX App Suite / OX Documents Vendor: OX Software GmbH Internal reference: MWB-423 Vulnerability type: Server-Side Request Forgery CWE-918 Vulnerable version: 7.10.4 and earlier Vulnerable component: backend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version:...

Dovecot 2.3.11.3 Denial Of Service Vulnerability

Dovecot 2.3.11.3 Denial Of Service Vulnerability Vendor: OX Software GmbH Internal reference: DOV-4113 Bug ID Vulnerability type: CWE-20: Improper Input Validation Vulnerable version: 2.3.11-2.3.11.3 Vulnerable component: lda, lmtp, imap Report confidence: Confirmed Solution status: Fixed by Vend...

OX App Suite / OX Documents XSS / SSRF / Bypass

Dear subscribers, we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs for OX App Suite, Dovecot and PowerDNS at HackerOne. Yours sincerely, Martin Heiland, Open-Xchange GmbH...

Open-Xchange Dovecot 2.3.10 Null Pointer Dereference / Denial Of Service Vulnerabilities

------------------ Open-Xchange Security Advisory 2020-05-18 Product: Dovecot Vendor: OX Software GmbH Internal reference: DOV-3784 Vulnerability type: NULL pointer dereference CWE-476 Vulnerable version: 2.3.0 - 2.3.10 Vulnerable component: submission, lmtp Report confidence: Confirmed Solution...

Open-Xchange OX App Suite SSRF / XSS / Information Disclosure / Access Controls

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dear subscribers, we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs appsuite, dovecot, powerdns at HackerOne. Yours sincerely...

CVE-2017-13667

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF...