Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-68461 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2025-68461)
cross-site scripting in Roundcube webmail (CVE-2025-68461). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-49113 KEV |
|
[KEV] Unsafe Deserialization in Roundcube webmail (CVE-2025-49113)
vulnerability in Roundcube webmail (CVE-2025-49113). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-42009 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2024-42009)
cross-site scripting in Roundcube webmail (CVE-2024-42009). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-37383 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2024-37383)
cross-site scripting in Roundcube webmail (CVE-2024-37383). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-13965 KEV |
|
[KEV] Vulnerability in Roundcube webmail (CVE-2020-13965)
vulnerability in Roundcube webmail (CVE-2020-13965). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-43770 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2023-43770)
cross-site scripting in Roundcube webmail (CVE-2023-43770). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-5631 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2023-5631)
cross-site scripting in Roundcube webmail (CVE-2023-5631). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-35730 KEV |
|
[KEV] Cross-Site Scripting (XSS) in roundcube (CVE-2020-35730)
cross-site scripting in roundcube (CVE-2020-35730). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-12641 KEV |
|
[KEV] OS Command Injection in roundcube (CVE-2020-12641)
OS command injection in roundcube (CVE-2020-12641). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-44026 KEV |
|
[KEV] SQL Injection in roundcube (CVE-2021-44026)
SQL injection in roundcube (CVE-2021-44026). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-16651 KEV |
|
[KEV] Vulnerability in roundcube (CVE-2017-16651)
vulnerability in roundcube (CVE-2017-16651). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-5381 |
|
Cross-Site Scripting (XSS) in roundcube (CVE-2015-5381)
cross-site scripting in roundcube (CVE-2015-5381). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5382 |
|
Information Disclosure in roundcube (CVE-2015-5382)
vulnerability in roundcube (CVE-2015-5382). Confidential information can be exposed externally.
|
| CVE-2015-5383 |
|
Information Disclosure in roundcube (CVE-2015-5383)
vulnerability in roundcube (CVE-2015-5383). Confidential information can be exposed externally.
|
| CVE-2017-8114 |
|
Privilege Escalation in roundcube (CVE-2017-8114)
vulnerability in roundcube (CVE-2017-8114). Successful exploitation can lead to full system takeover.
|
| CVE-2015-8864 |
|
Cross-Site Scripting (XSS) in opensuse (CVE-2015-8864)
cross-site scripting in opensuse (CVE-2015-8864). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4068 |
|
Cross-Site Scripting (XSS) in opensuse (CVE-2016-4068)
cross-site scripting in opensuse (CVE-2016-4068). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-6820 |
|
Cross-Site Scripting (XSS) in roundcube (CVE-2017-6820)
cross-site scripting in roundcube (CVE-2017-6820). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-2180 |
|
Vulnerability in roundcube (CVE-2015-2180)
vulnerability in roundcube (CVE-2015-2180). Successful exploitation can lead to full system takeover.
|
| CVE-2015-2181 |
|
Buffer Overflow in roundcube (CVE-2015-2181)
vulnerability in roundcube (CVE-2015-2181). Successful exploitation can lead to full system takeover.
|