Search CVE reports


Toggle filters

21 – 24 of 24 results


CVE-2016-6190

Low priority
Ignored

SOGo before 2.3.12 and 3.x before 3.1.1 does not restrict access to the UID and DTSTAMP attributes, which allows remote authenticated users to obtain sensitive information about appointments with the "View the Date &...

1 affected package

sogo

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sogo Not affected Not in release Not affected Not affected Not affected
Show less packages

CVE-2016-6189

Low priority
Needs evaluation

Incomplete blacklist in SOGo before 2.3.12 and 3.x before 3.1.1 allows remote authenticated users to obtain sensitive information by reading the fields in the (1) ics or (2) XML calendar feeds.

1 affected package

sogo

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sogo Needs evaluation Not in release Not affected Not affected Not affected
Show less packages

CVE-2014-9905

Low priority
Not affected

Multiple cross-site scripting (XSS) vulnerabilities in the Web Calendar in SOGo before 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title of an appointment or (2) contact fields.

1 affected package

sogo

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sogo Not affected
Show less packages

CVE-2016-6188

Low priority
Ignored

Memory leak in SOGo 2.3.7 allows remote attackers to cause a denial of service (memory consumption) via a large number of attempts to upload a large attachment, related to temporary files.

1 affected package

sogo

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
sogo Not affected Not in release Not affected Not affected Not affected
Show less packages