Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
synacor zimbra collaboration suite 8.8.8 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-10939
Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group....
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite 8.8.8
Zimbra Zimbra Collaboration Suite 8.8.8
5
CVSSv2
CVE-2018-15131
An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of...
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite 8.8.8
Synacor Zimbra Collaboration Suite 8.8.9
3 Github repositories available
4.3
CVSSv2
CVE-2018-14425
There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1....
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.8
Synacor Zimbra Collaboration Suite 8.8.9
5
CVSSv2
CVE-2018-10950
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows Information Exposure through Verbose Error Messages containing a stack dump, tracing data, or full user-context dump....
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.7.11
6.8
CVSSv2
CVE-2015-7610
Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging...
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.7.11
Zimbra Zimbra Collaboration Suite 8.6.0
5
CVSSv2
CVE-2018-10949
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors....
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
2 Github repositories available
4
CVSSv2
CVE-2018-10951
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows zimbraSSLPrivateKey read access via a GetServer, GetAllServers, or GetAllActiveServers call in the Admin SOAP API....
Synacor Zimbra Collaboration Suite
Zimbra Zimbra Collaboration Suite 8.6
Zimbra Zimbra Collaboration Suite 8.7.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
arbitrary code
CVE-2020-36079
microfocus
CVE-2021-26561
CVE-2021-21972
NULL pointer dereference
CVE-2021-25281
deserialization
solutions business manager
CVE-2020-28243
CVE-2020-27618
Vulmon