Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: roundcube Clear
ID Title
CVE-2025-68461 KEV [KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2025-68461)
cross-site scripting in Roundcube webmail (CVE-2025-68461). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-49113 KEV [KEV] Unsafe Deserialization in Roundcube webmail (CVE-2025-49113)
vulnerability in Roundcube webmail (CVE-2025-49113). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-42009 KEV [KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2024-42009)
cross-site scripting in Roundcube webmail (CVE-2024-42009). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-37383 KEV [KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2024-37383)
cross-site scripting in Roundcube webmail (CVE-2024-37383). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-13965 KEV [KEV] Vulnerability in Roundcube webmail (CVE-2020-13965)
vulnerability in Roundcube webmail (CVE-2020-13965). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-43770 KEV [KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2023-43770)
cross-site scripting in Roundcube webmail (CVE-2023-43770). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-5631 KEV [KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2023-5631)
cross-site scripting in Roundcube webmail (CVE-2023-5631). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-35730 KEV [KEV] Cross-Site Scripting (XSS) in roundcube (CVE-2020-35730)
cross-site scripting in roundcube (CVE-2020-35730). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-12641 KEV [KEV] OS Command Injection in roundcube (CVE-2020-12641)
OS command injection in roundcube (CVE-2020-12641). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-44026 KEV [KEV] SQL Injection in roundcube (CVE-2021-44026)
SQL injection in roundcube (CVE-2021-44026). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-16651 KEV [KEV] Vulnerability in roundcube (CVE-2017-16651)
vulnerability in roundcube (CVE-2017-16651). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2015-5381 Cross-Site Scripting (XSS) in roundcube (CVE-2015-5381)
cross-site scripting in roundcube (CVE-2015-5381). Risk of unauthorized operations or information disclosure.
CVE-2015-5382 Information Disclosure in roundcube (CVE-2015-5382)
vulnerability in roundcube (CVE-2015-5382). Confidential information can be exposed externally.
CVE-2015-5383 Information Disclosure in roundcube (CVE-2015-5383)
vulnerability in roundcube (CVE-2015-5383). Confidential information can be exposed externally.
CVE-2017-8114 Privilege Escalation in roundcube (CVE-2017-8114)
vulnerability in roundcube (CVE-2017-8114). Successful exploitation can lead to full system takeover.
CVE-2015-8864 Cross-Site Scripting (XSS) in opensuse (CVE-2015-8864)
cross-site scripting in opensuse (CVE-2015-8864). Risk of unauthorized operations or information disclosure.
CVE-2016-4068 Cross-Site Scripting (XSS) in opensuse (CVE-2016-4068)
cross-site scripting in opensuse (CVE-2016-4068). Risk of unauthorized operations or information disclosure.
CVE-2017-6820 Cross-Site Scripting (XSS) in roundcube (CVE-2017-6820)
cross-site scripting in roundcube (CVE-2017-6820). Risk of unauthorized operations or information disclosure.
CVE-2015-2180 Vulnerability in roundcube (CVE-2015-2180)
vulnerability in roundcube (CVE-2015-2180). Successful exploitation can lead to full system takeover.
CVE-2015-2181 Buffer Overflow in roundcube (CVE-2015-2181)
vulnerability in roundcube (CVE-2015-2181). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →