Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synacor zimbra collaboration suite 8.8.8 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2015-7610
Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) prior to 8.6.0 Patch 10, 8.7.x prior to 8.7.11 Patch 2, and 8.8.x prior to 8.8.8 Patch 1 allows remote malicious users to hijack the authentication of unspecified victims by ...
Zimbra Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
6.5
CVSSv3
CVE-2018-10951
mailboxd in Zimbra Collaboration Suite 8.8 prior to 8.8.8; 8.7 prior to 8.7.11.Patch3; and 8.6 prior to 8.6.0.Patch10 allows zimbraSSLPrivateKey read access via a GetServer, GetAllServers, or GetAllActiveServers call in the Admin SOAP API.
Zimbra Zimbra Collaboration Suite 8.6
Zimbra Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite
6.1
CVSSv3
CVE-2018-14425
There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 prior to 8.8.8 Patch 7 and 8.8.9 prior to 8.8.9 Patch 1.
Synacor Zimbra Collaboration Suite 8.8.9
Synacor Zimbra Collaboration Suite 8.8.8
Synacor Zimbra Collaboration Suite
6.1
CVSSv3
CVE-2018-10939
Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 prior to 8.8.8.Patch4 and 8.7 prior to 8.7.11.Patch4 has Persistent XSS via a contact group.
Zimbra Zimbra Collaboration Suite 8.8.8
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite 8.8.8
Synacor Zimbra Collaboration Suite
5.3
CVSSv3
CVE-2018-15131
An issue exists in Synacor Zimbra Collaboration Suite 8.6.x prior to 8.6.0 Patch 11, 8.7.x prior to 8.7.11 Patch 6, 8.8.x prior to 8.8.8 Patch 9, and 8.8.9 prior to 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authenticati...
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.9
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite 8.8.8
1 Github repository
5.3
CVSSv3
CVE-2018-10949
mailboxd in Zimbra Collaboration Suite 8.8 prior to 8.8.8; 8.7 prior to 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors.
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
1 Github repository
5.3
CVSSv3
CVE-2018-10950
mailboxd in Zimbra Collaboration Suite 8.8 prior to 8.8.8; 8.7 prior to 8.7.11.Patch3; and 8.6 prior to 8.6.0.Patch10 allows Information Exposure through Verbose Error Messages containing a stack dump, tracing data, or full user-context dump.
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started