Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Onlyoffice Subscribe
Total 21 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11534 1 Onlyoffice 1 Document Server 2020-04-22 7.5 HIGH 9.8 CRITICAL
An issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can craft a malicious .docx file, and exploit the NSFileDownloader function to pass parameters to a binary (such as curl or wget) and remotely execute code on a victim's server.