Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synacor zimbra collaboration suite 8.7.11 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-10950
mailboxd in Zimbra Collaboration Suite 8.8 prior to 8.8.8; 8.7 prior to 8.7.11.Patch3; and 8.6 prior to 8.6.0.Patch10 allows Information Exposure through Verbose Error Messages containing a stack dump, tracing data, or full user-context dump.
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.7.11
4.3
CVSSv2
CVE-2018-18631
mailboxd component in Synacor Zimbra Collaboration Suite 8.6, 8.7 prior to 8.7.11 Patch 7, and 8.8 prior to 8.8.10 Patch 2 has Persistent XSS.
Synacor Zimbra Collaboration Suite 8.8.9
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.10
Synacor Zimbra Collaboration Suite 8.6.0
7.5
CVSSv2
CVE-2018-20160
ZxChat (aka ZeXtras Chat), as used for zimbra-chat and zimbra-talk in Synacor Zimbra Collaboration Suite 8.7 and 8.8 and in other products, allows XXE attacks, as demonstrated by a crafted XML request to mailboxd.
Synacor Zimbra Collaboration Suite 8.8.10
Synacor Zimbra Collaboration Suite 8.8.9
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite 8.8.11
5
CVSSv2
CVE-2018-15131
An issue exists in Synacor Zimbra Collaboration Suite 8.6.x prior to 8.6.0 Patch 11, 8.7.x prior to 8.7.11 Patch 6, 8.8.x prior to 8.8.8 Patch 9, and 8.8.9 prior to 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authenticati...
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite 8.8.8
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.9
1 Github repository
7.5
CVSSv2
CVE-2019-6980
Synacor Zimbra Collaboration Suite 8.7.x up to and including 8.8.11 allows insecure object deserialization in the IMAP component.
Synacor Zimbra Collaboration Suite 8.8.10
Synacor Zimbra Collaboration Suite 8.8.9
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite 8.8.11
Synacor Zimbra Collaboration Suite
4
CVSSv2
CVE-2019-6981
Zimbra Collaboration Suite 8.7.x up to and including 8.8.11 allows Blind SSRF in the Feed component.
Synacor Zimbra Collaboration Suite 8.8.11
Synacor Zimbra Collaboration Suite 8.8.10
Synacor Zimbra Collaboration Suite 8.8.9
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite
4.3
CVSSv2
CVE-2018-14013
Synacor Zimbra Collaboration Suite Collaboration prior to 8.8.11 has XSS in the AJAX and html web clients.
Synacor Zimbra Collaboration Suite 8.8.10
Synacor Zimbra Collaboration Suite 8.8.9
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite 8.8.11
6.8
CVSSv2
CVE-2015-7610
Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) prior to 8.6.0 Patch 10, 8.7.x prior to 8.7.11 Patch 2, and 8.8.x prior to 8.8.8 Patch 1 allows remote malicious users to hijack the authentication of unspecified victims by ...
Zimbra Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.7.11
4.3
CVSSv2
CVE-2018-10939
Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 prior to 8.8.8.Patch4 and 8.7 prior to 8.7.11.Patch4 has Persistent XSS via a contact group.
Synacor Zimbra Collaboration Suite 8.8.8
Zimbra Zimbra Collaboration Suite 8.8.8
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite
7.5
CVSSv2
CVE-2019-9670
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x prior to 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover/Autodiscover.xml.
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite
1 EDB exploit
7 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »