Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synacor vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2015-7610
Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) prior to 8.6.0 Patch 10, 8.7.x prior to 8.7.11 Patch 2, and 8.8.x prior to 8.8.8 Patch 1 allows remote malicious users to hijack the authentication of unspecified victims by ...
Zimbra Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.7.11
445
VMScore
CVE-2018-17938
Zimbra Collaboration prior to 8.8.10 GA allows text content spoofing via a loginErrorCode value.
Synacor Zimbra Collaboration Suite
668
VMScore
CVE-2016-9924
Zimbra Collaboration Suite (ZCS) prior to 8.7.4 allows remote malicious users to conduct XML External Entity (XXE) attacks.
Synacor Zimbra Collaboration Suite
383
VMScore
CVE-2014-5500
Synacor Zimbra Collaboration prior to 8.0.8 has XSS.
Synacor Zimbra Collaboration Server
1 Github repository
NA
CVE-2022-3569
Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively coerce postfix into running arbitrary commands as 'root'.
Synacor Zimbra Collaboration Suite
312
VMScore
CVE-2019-11318
Zimbra Collaboration prior to 8.8.12 Patch 1 has persistent XSS.
Synacor Zimbra Collaboration Server
668
VMScore
CVE-2017-6813
A service provided by Zimbra Collaboration Suite (ZCS) prior to 8.7.6 fails to require needed privileges before performing a few requested operations.
Synacor Zimbra Collaboration Suite
668
VMScore
CVE-2014-8563
Synacor Zimbra Collaboration prior to 8.0.9 allows plaintext command injection during STARTTLS.
Synacor Zimbra Collaboration Server
312
VMScore
CVE-2017-8783
Synacor Zimbra Collaboration Suite (ZCS) prior to 8.7.10 has Persistent XSS.
Synacor Zimbra Collaboration Suite
383
VMScore
CVE-2017-7288
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (ZCS) prior to 8.7.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Synacor Zimbra Collaboration Suite
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »