| CVE-2017-7664 |
critical |
10.0 |
10.0 |
|
|
|
9y ago |
Apache OpenMeetings does not correctly validate uploaded XML documents |
| CVE-2016-8736 |
critical |
9.8 |
9.8 |
|
|
|
9y ago |
Apache OpenMeetings RCE |
| CVE-2017-7673 |
critical |
9.8 |
9.8 |
|
|
|
9y ago |
Apache OpenMeetings has Inadequate Encryption Strength |
| CVE-2017-7681 |
high |
8.8 |
8.8 |
|
|
|
9y ago |
Apache OpenMeetings vulnerable to SQL injection |
| CVE-2017-7666 |
high |
8.8 |
8.8 |
|
|
|
9y ago |
Apache OpenMeetings vulnerable to Cross-Site Request Forgery |
| CVE-2017-7682 |
high |
8.2 |
8.2 |
|
|
|
9y ago |
Apache OpenMeetings vulnerable to parameter manipulation attacks |
| CVE-2017-7688 |
high |
7.5 |
7.5 |
|
|
|
9y ago |
Apache OpenMeetings updates user password in insecure manner |
| CVE-2017-7684 |
high |
7.5 |
7.5 |
|
|
|
9y ago |
Apache OpenMeetings vulnerable to Uncontrolled Resource Consumption |
| CVE-2017-7683 |
high |
7.5 |
7.5 |
|
|
|
9y ago |
Apache OpenMeetings displays Tomcat version and detailed error stack trace |
| CVE-2017-7680 |
high |
7.5 |
7.5 |
|
|
|
9y ago |
Apache OpenMeetings allows flash content to be loaded from untrusted domains |
| CVE-2016-2164 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
Apache OpenMeetings allows remote attackers to read arbitrary files by attempting to upload a file |
| CVE-2017-7663 |
medium |
6.1 |
6.1 |
|
|
|
9y ago |
Apache OpenMeetings Cross-site Scripting vulnerability |
| CVE-2016-3089 |
medium |
6.1 |
6.1 |
|
|
|
10y ago |
Apache OpenMeetings Cross-site Scripting vulnerability |
| CVE-2016-2163 |
medium |
6.1 |
6.1 |
|
|
|
10y ago |
Apache OpenMeetings Cross-site Scripting vulnerability |
| CVE-2017-7685 |
medium |
5.3 |
5.3 |
|
|
|
9y ago |
Apache OpenMeetings responds to insecure HTTP methods |
| CVE-2020-13951 |
unknown |
— |
1.0 |
|
|
|
4y ago |
Denial of service in Apache OpenMeetings |
| CVE-2026-34020 |
unknown |
— |
— |
|
|
|
2mo ago |
Apache OpenMeetings Uses GET Request Method With Sensitive Query Strings |
| CVE-2026-33266 |
unknown |
— |
— |
|
|
|
2mo ago |
Apache OpenMeetings Uses Hard-coded Cryptographic Key |
| CVE-2026-33005 |
unknown |
— |
— |
|
|
|
2mo ago |
Apache OpenMeetings has an Improper Handling of Insufficient Privileges vulnerability |
| CVE-2024-54676 |
unknown |
— |
— |
|
|
|
1y ago |
Apache OpenMeetings vulnerable to Deserialization of Untrusted Data |
| CVE-2023-29032 |
unknown |
— |
— |
|
|
|
3y ago |
Apache OpenMeetings Improper Authentication vulnerability |
| CVE-2023-29246 |
unknown |
— |
— |
|
|
|
3y ago |
Apache OpenMeetings vulnerable to remote code execution via null-bye injection |
| CVE-2023-28326 |
unknown |
— |
— |
|
|
|
3y ago |
Apache OpenMeetings missing authentication and can allow user impersonation |
| CVE-2018-1286 |
unknown |
— |
— |
|
|
|
4y ago |
Apache OpenMeetings may allow authenticated attacker to deny service for privileged users |
| CVE-2021-27576 |
unknown |
— |
— |
|
|
|
5y ago |
Uncontrolled Resource Consumption in Apache OpenMeetings server |
