Export limit exceeded: 366589 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366589 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-23936 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.4 allows XSS via the subject of a task. | ||||
| CVE-2021-23935 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.4 allows XSS via an appointment in which the location contains JavaScript code. | ||||
| CVE-2021-23934 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.4 allows XSS via a contact whose name contains JavaScript code. | ||||
| CVE-2021-23933 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.4 allows XSS via JavaScript in a Note referenced by a mail:// URL. | ||||
| CVE-2021-23932 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.4 allows XSS via an inline image with a crafted filename. | ||||
| CVE-2021-23931 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.4 allows XSS via an inline binary file. | ||||
| CVE-2021-23930 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.4 allows XSS via use of the conversion API for a distributedFile. | ||||
| CVE-2021-23929 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.4 allows XSS via a crafted Content-Disposition header in an uploaded HTML document to an ajax/share/<share-token>?delivery=view URI. | ||||
| CVE-2021-23928 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.1 Medium |
| OX App Suite through 7.10.3 allows XSS via the ajax/apps/manifests query string. | ||||
| CVE-2021-23927 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 6.4 Medium |
| OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth/proxy PUT request. | ||||
| CVE-2021-23925 | 1 Devolutions | 1 Devolutions Server | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Devolutions Server before 2020.3. There is a cross-site scripting (XSS) vulnerability in entries of type Document. | ||||
| CVE-2021-23924 | 1 Devolutions | 1 Devolutions Server | 2024-11-21 | 7.5 High |
| An issue was discovered in Devolutions Server before 2020.3. There is an exposure of sensitive information in diagnostic files. | ||||
| CVE-2021-23923 | 1 Devolutions | 1 Devolutions Server | 2024-11-21 | 8.1 High |
| An issue was discovered in Devolutions Server before 2020.3. There is Broken Authentication with Windows domain users. | ||||
| CVE-2021-23922 | 1 Devolutions | 1 Remote Desktop Manager | 2024-11-21 | 5.4 Medium |
| An issue was discovered in Devolutions Remote Desktop Manager before 2020.2.12. There is a cross-site scripting (XSS) vulnerability in webviews. | ||||
| CVE-2021-23921 | 1 Devolutions | 1 Devolutions Server | 2024-11-21 | 9.1 Critical |
| An issue was discovered in Devolutions Server before 2020.3. There is broken access control on Password List entry elements. | ||||
| CVE-2021-23910 | 1 Mercedes-benz | 8 A 220, A 220 4matic, E 350 and 5 more | 2024-11-21 | 5.3 Medium |
| An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. There is an out-of-bounds array access in RemoteDiagnosisApp. | ||||
| CVE-2021-23909 | 1 Mercedes-benz | 8 A 220, A 220 4matic, E 350 and 5 more | 2024-11-21 | 6.3 Medium |
| An issue was discovered in HERMES 2.1 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The SH2 MCU allows remote code execution. | ||||
| CVE-2021-23908 | 1 Mercedes-benz | 8 A 220, A 220 4matic, E 350 and 5 more | 2024-11-21 | 2.9 Low |
| An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A type confusion issue affects MultiSvSetAttributes in the HiQnet Protocol, leading to remote code execution. | ||||
| CVE-2021-23907 | 1 Mercedes-benz | 8 A 220, A 220 4matic, E 350 and 5 more | 2024-11-21 | 2.9 Low |
| An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. The count in MultiSvGet, GetAttributes, and MultiSvSet is not checked in the HiQnet Protocol, leading to remote code execution. | ||||
| CVE-2021-23906 | 1 Mercedes-benz | 8 A 220, A 220 4matic, E 350 and 5 more | 2024-11-21 | 1.8 Low |
| An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol, leading to remote code execution. | ||||