Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
isode vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2014-2742
Isode M-Link prior to 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote malicious users to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
Isode M-link 15.1
Isode M-link 16.0
Isode M-link 14.6
Isode M-link 14.6.14
Isode M-link 15.1.10
5.8
CVSSv2
CVE-2012-4669
M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.
Isode M-link 14.6
Isode M-link 15.1
NA
CVE-2022-47581
Isode M-Vault 16.0v0 up to and including 17.x prior to 17.0v24 can crash upon an LDAP v1 bind request.
Isode M-vault
NA
CVE-2022-47634
M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867.
Isode M-link
NA
CVE-2022-32389
Isode SWIFT v4.0.2 exists to contain hard-coded credentials in the Registry Editor. This allows malicious users to access sensitive information such as user credentials and certificates.
Isode Swift 4.0.2
7.5
CVSSv2
CVE-2006-0710
Double free vulnerability in isode.eddy in Isode M-Vault Server 11.3 allows remote malicious users to execute arbitrary code via a crafted LDAP request, as demonstrated by ProtoVer Sample LDAP.
Isode M-vault Server 11.3
1 EDB exploit
7.2
CVSSv2
CVE-2020-36164
An issue exists in Veritas Enterprise Vault up to and including 14.0. On start-up, it loads the OpenSSL library. The OpenSSL library then attempts to load the openssl.cnf configuration file (which does not exist) at the following locations in both the System drive (typically C:\)...
Veritas Enterprise Vault
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started