Known Vulnerabilities for products from Ocsinventory-ng
Listed below are 19 of the newest known vulnerabilities associated with the vendor "Ocsinventory-ng".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-22675 json | OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerability that allows unauthentica... | Not Provided | 2026-04-06 | 2026-04-09 |
| CVE-2018-1000558 json | OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web sear... | 6.5 - MEDIUM | 2018-06-26 | 2018-08-20 |
| CVE-2018-1000557 json | OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross Site Scripting (XSS) vulnerability in login form and s... | 6.1 - MEDIUM | 2018-06-26 | 2018-08-20 |
| CVE-2018-15537 json | Unrestricted file upload (with remote code execution) in OCS Inventory NG ocsreports allows a privileged user to gain access ... | 8.8 - HIGH | 2018-11-29 | 2019-01-31 |
| CVE-2018-14857 json | Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG ... | 8.8 - HIGH | 2018-08-06 | 2018-10-10 |
| CVE-2018-14473 json | OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. This issue can be exploi... | 9.1 - CRITICAL | 2018-08-04 | 2018-10-01 |
| CVE-2018-12483 json | OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content... | 8.8 - HIGH | 2018-08-04 | 2018-10-02 |
| CVE-2018-12482 json | OCS Inventory 2.4.1 contains multiple SQL injections in the search engine. Authentication is needed in order to exploit the i... | 8.8 - HIGH | 2018-08-04 | 2018-10-01 |
| CVE-2014-4722 json | Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attacke... | 4.3 - MEDIUM | 2014-07-07 | 2018-10-09 |
| CVE-2011-4024 json | Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Inventory NG 2.0.1 and earlier allows remote attackers to inj... | 4.3 - MEDIUM | 2011-10-21 | 2017-12-29 |
| CVE-2010-1733 json | Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02.3 allow remote attackers to execute arbitrary SQL comm... | 6.8 - MEDIUM | 2010-05-06 | 2017-08-17 |
| CVE-2010-1595 json | Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to execute a... | 7.5 - HIGH | 2010-04-28 | 2017-08-17 |
| CVE-2010-1594 json | Multiple cross-site scripting (XSS) vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers... | 4.3 - MEDIUM | 2010-04-28 | 2017-08-17 |
| CVE-2009-3042 json | SQL injection vulnerability in machine.php in Open Computer and Software (OCS) Inventory NG 1.02.1 allows remote attackers to... | 7.5 - HIGH | 2009-09-01 | 2023-11-07 |
| CVE-2009-3040 json | Multiple SQL injection vulnerabilities in Open Computer and Software (OCS) Inventory NG 1.02 for Unix allow remote attackers ... | 7.5 - HIGH | 2009-09-01 | 2023-11-07 |
| CVE-2009-2166 json | Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read ar... | 5 - MEDIUM | 2009-06-22 | 2018-10-10 |
| CVE-2009-1769 json | The web interface in Open Computer and Software Inventory Next Generation (OCS Inventory NG) 1.01 generates different error m... | 5 - MEDIUM | 2009-05-22 | 2023-11-07 |
| CVE-2009-1443 json | Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG before 1.02 have unknown impact and attack v... | 10 - HIGH | 2009-04-27 | 2023-11-07 |
| CVE-2009-0667 json | Untrusted search path vulnerability in Agent/Backend.pm in Ocsinventory-Agent before 0.0.9.3, and 1.x before 1.0.1, in OCS In... | 7.2 - HIGH | 2009-07-09 | 2023-11-07 |
Known software with vulnerabilities from Ocsinventory-ng
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Ocsinventory-ng | Ocsinventory Ng | - |
| Application | Ocsinventory-ng | Ocs Inventory Server | 2.2 |