Export limit exceeded: 366589 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366589 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-23936 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 6.1 Medium
OX App Suite through 7.10.4 allows XSS via the subject of a task.
CVE-2021-23935 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 6.1 Medium
OX App Suite through 7.10.4 allows XSS via an appointment in which the location contains JavaScript code.
CVE-2021-23934 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 6.1 Medium
OX App Suite through 7.10.4 allows XSS via a contact whose name contains JavaScript code.
CVE-2021-23933 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 6.1 Medium
OX App Suite through 7.10.4 allows XSS via JavaScript in a Note referenced by a mail:// URL.
CVE-2021-23932 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 6.1 Medium
OX App Suite through 7.10.4 allows XSS via an inline image with a crafted filename.
CVE-2021-23931 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 6.1 Medium
OX App Suite through 7.10.4 allows XSS via an inline binary file.
CVE-2021-23930 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 6.1 Medium
OX App Suite through 7.10.4 allows XSS via use of the conversion API for a distributedFile.
CVE-2021-23929 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 6.1 Medium
OX App Suite through 7.10.4 allows XSS via a crafted Content-Disposition header in an uploaded HTML document to an ajax/share/<share-token>?delivery=view URI.
CVE-2021-23928 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 6.1 Medium
OX App Suite through 7.10.3 allows XSS via the ajax/apps/manifests query string.
CVE-2021-23927 1 Open-xchange 1 Open-xchange Appsuite 2024-11-21 6.4 Medium
OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth/proxy PUT request.
CVE-2021-23925 1 Devolutions 1 Devolutions Server 2024-11-21 6.1 Medium
An issue was discovered in Devolutions Server before 2020.3. There is a cross-site scripting (XSS) vulnerability in entries of type Document.
CVE-2021-23924 1 Devolutions 1 Devolutions Server 2024-11-21 7.5 High
An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive information in diagnostic files.
CVE-2021-23923 1 Devolutions 1 Devolutions Server 2024-11-21 8.1 High
An issue was discovered in Devolutions Server before 2020.3. There is Broken Authentication with Windows domain users.
CVE-2021-23922 1 Devolutions 1 Remote Desktop Manager 2024-11-21 5.4 Medium
An issue was discovered in Devolutions Remote Desktop Manager before 2020.2.12. There is a cross-site scripting (XSS) vulnerability in webviews.
CVE-2021-23921 1 Devolutions 1 Devolutions Server 2024-11-21 9.1 Critical
An issue was discovered in Devolutions Server before 2020.3. There is broken access control on Password List entry elements.
CVE-2021-23910 1 Mercedes-benz 8 A 220, A 220 4matic, E 350 and 5 more 2024-11-21 5.3 Medium
An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. There is an out-of-bounds array access in RemoteDiagnosisApp.
CVE-2021-23909 1 Mercedes-benz 8 A 220, A 220 4matic, E 350 and 5 more 2024-11-21 6.3 Medium
An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The SH2 MCU allows remote code execution.
CVE-2021-23908 1 Mercedes-benz 8 A 220, A 220 4matic, E 350 and 5 more 2024-11-21 2.9 Low
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A type confusion issue affects MultiSvSetAttributes in the HiQnet Protocol, leading to remote code execution.
CVE-2021-23907 1 Mercedes-benz 8 A 220, A 220 4matic, E 350 and 5 more 2024-11-21 2.9 Low
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The count in MultiSvGet, GetAttributes, and MultiSvSet is not checked in the HiQnet Protocol, leading to remote code execution.
CVE-2021-23906 1 Mercedes-benz 8 A 220, A 220 4matic, E 350 and 5 more 2024-11-21 1.8 Low
An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol, leading to remote code execution.