Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 33 results


CVE-2013-6365

Medium priority
Vulnerable

Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions

2 affected packages

horde3, php-horde

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
horde3 Not in release Not in release Not in release Not in release Not in release
php-horde Not in release Not in release Not in release Vulnerable Vulnerable
Show less packages

CVE-2012-6640

Medium priority
Ignored

Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted SVG...

1 affected packages

horde3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
horde3 Not in release
Show less packages

CVE-2014-1691

Medium priority
Ignored

The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1 allows remote attackers to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.

2 affected packages

horde3, php-horde-util

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
horde3 Not in release
php-horde-util Not affected
Show less packages

CVE-2012-0209

High priority
Not affected

Horde 3.3.12, Horde Groupware 1.2.10, and Horde Groupware Webmail Edition 1.2.10, as distributed by FTP between November 2011 and February 2012, contains an externally introduced modification (Trojan Horse)...

1 affected packages

horde3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
horde3
Show less packages

CVE-2010-3694

Medium priority
Ignored

Cross-site request forgery (CSRF) vulnerability in the Horde Application Framework before 3.3.9 allows remote attackers to hijack the authentication of unspecified victims for requests to a preference form.

1 affected packages

horde3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
horde3
Show less packages

CVE-2010-3077

Medium priority
Ignored

Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework before 3.3.9 allows remote attackers to inject arbitrary web script or HTML via the subdir parameter.

1 affected packages

horde3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
horde3
Show less packages

CVE-2009-4363

Low priority

Some fixes available 1 of 5

Text_Filter/lib/Horde/Text/Filter/Xss.php in Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5 does not properly handle data: URIs, which allows remote...

1 affected packages

horde3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
horde3
Show less packages

CVE-2009-3701

Low priority

Some fixes available 1 of 5

Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in Horde Application Framework before 3.3.6, Horde Groupware before 1.2.5, and Horde Groupware Webmail Edition before 1.2.5 allow remote attackers...

1 affected packages

horde3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
horde3
Show less packages

CVE-2009-3237

Medium priority

Some fixes available 1 of 5

Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2...

1 affected packages

horde3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
horde3
Show less packages

CVE-2009-3236

Low priority

Some fixes available 1 of 4

The form library in Horde Application Framework 3.2 before 3.2.5 and 3.3 before 3.3.5; Groupware 1.1 before 1.1.6 and 1.2 before 1.2.4; and Groupware Webmail Edition 1.1 before 1.1.6 and 1.2 before 1.2.4; reuses temporary...

1 affected packages

horde3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
horde3
Show less packages