Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zarafa zarafa vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2022-26562
An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core <= v11.0.2.51 contains an issue which allows malicious users to authenticate even if the user account or password is expired. It also exists in the predecessor Zarafa Collaboration Platform (ZCP) in provider/libserver...
Kopano Groupware Core 11.0.2.51
641
VMScore
CVE-2015-6566
zarafa-autorespond in Zarafa Collaboration Platform (ZCP) prior to 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*.
Zarafa Zarafa Collaboration Platform
Fedoraproject Fedora 21
587
VMScore
CVE-2015-3436
provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) prior to 7.1.13 and 7.2.x prior to 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock.
Zarafa Zarafa Collaboration Platform 7.2.0
Zarafa Zarafa Collaboration Platform
445
VMScore
CVE-2021-28994
kopano-ical (formerly zarafa-ical) in Kopano Groupware Core up to and including 8.7.16, 9.x up to and including 9.1.0, 10.x up to and including 10.0.7, and 11.x up to and including 11.0.1 and Zarafa 6.30.x up to and including 7.2.x allows memory exhaustion via long HTTP headers.
Kopano Groupware Core
Zarafa Zarafa
445
VMScore
CVE-2014-9465
senddocument.php in Zarafa WebApp prior to 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x prior to 7.1.12 beta 1 and 7.2.x prior to 7.2.0 beta 1 allows remote malicious users to cause a denial of service (/tmp disk consumption) by uploading a large number of ...
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Zarafa Zarafa Collaboration Platform 7.0.3
Zarafa Zarafa Collaboration Platform 7.0.5
Zarafa Zarafa Collaboration Platform 7.0.12
Zarafa Zarafa Collaboration Platform 7.1.0
Zarafa Zarafa Collaboration Platform 7.1.7
Zarafa Zarafa Collaboration Platform 7.1.9
Zarafa Webapp
Zarafa Zarafa Collaboration Platform 7.0.0
Zarafa Zarafa Collaboration Platform 7.0.1
Zarafa Zarafa Collaboration Platform 7.0.2
Zarafa Zarafa Collaboration Platform 7.1.2
Zarafa Zarafa Collaboration Platform 7.1.3
Zarafa Zarafa Collaboration Platform 7.1.4
Zarafa Zarafa Collaboration Platform 7.1.5
Zarafa Zarafa Collaboration Platform 7.0.7
Zarafa Zarafa Collaboration Platform 7.0.8
Zarafa Zarafa Collaboration Platform 7.0.9
Zarafa Zarafa Collaboration Platform 7.0.10
Zarafa Zarafa Collaboration Platform 7.0.11
Zarafa Zarafa Collaboration Platform 7.1.10
445
VMScore
CVE-2014-0037
The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 5.00 prior to 7.1.8 beta2 allows remote malicious users to cause a denial of service (crash) via vectors related to "a NULL pointer of the username."
Zarafa Zarafa 7.0.6
Zarafa Zarafa 7.0.5
Zarafa Zarafa 7.0.4
Zarafa Zarafa 7.0.3
Zarafa Zarafa 6.03
Zarafa Zarafa 6.11
Zarafa Zarafa 6.20
Zarafa Zarafa 6.20.2
Zarafa Zarafa 6.30.9
Zarafa Zarafa 6.20.12
Zarafa Zarafa 6.30.10
Zarafa Zarafa 6.30.11
Zarafa Zarafa 6.40.10
Zarafa Zarafa 6.40.11
Zarafa Zarafa 6.40.12
Zarafa Zarafa 6.40.13
Zarafa Zarafa 6.40.14
Zarafa Zarafa 7.1.0
Zarafa Zarafa 7.0.13
Zarafa Zarafa 7.0.12
Zarafa Zarafa 7.0.11
Zarafa Zarafa 5.10
445
VMScore
CVE-2014-0079
The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 7.1.8, 6.20.0, and previous versions, when using certain build conditions, allows remote malicious users to cause a denial of service (crash) via vectors related to "a NULL pointer of the password.&...
Zarafa Zarafa 6.03
Zarafa Zarafa 6.11
Zarafa Zarafa 5.10
Zarafa Zarafa 5.02
Zarafa Zarafa 5.11
Zarafa Zarafa 5.20
Zarafa Zarafa 5.22
Zarafa Zarafa 6.00
Zarafa Zarafa 6.02
Zarafa Zarafa 5.00
Zarafa Zarafa 7.1.8
Zarafa Zarafa 6.01
Zarafa Zarafa 6.10
Zarafa Zarafa 5.01
Zarafa Zarafa
383
VMScore
CVE-2019-7219
Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and previous versions. NOTE: this is a discontinued product. The issue was fixed in later Zarafa Webapp versions; however, some former Zarafa Webapp customers use the related Kopano product i...
Zarafa Webaccess 7.2.0-48204
1 Github repository
187
VMScore
CVE-2014-5450
Zarafa Collaboration Platform 4.1 uses world-readable permissions for /etc/zarafa/license, which allows local users to obtain sensitive information by reading license files.
Zarafa Zarafa Collaboration Platform 4.1
187
VMScore
CVE-2014-5447
Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions (644) for config.php, which allows local users to obtain sensitive information by reading the PHP session files. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0103.
Zarafa Zarafa 7.1.10
Zarafa Webapp 1.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »