Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
synacor zimbra collaboration suite vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2017-8783
Synacor Zimbra Collaboration Suite (ZCS) prior to 8.7.10 has Persistent XSS.
Synacor Zimbra Collaboration Suite
5.3
CVSSv3
CVE-2020-8633
An issue exists in Zimbra Collaboration Suite (ZCS) prior to 8.8.15 Patch 7. When grantors revoked a shared calendar in Outlook, the calendar stayed mounted and accessible.
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.15
5.3
CVSSv3
CVE-2018-15131
An issue exists in Synacor Zimbra Collaboration Suite 8.6.x prior to 8.6.0 Patch 11, 8.7.x prior to 8.7.11 Patch 6, 8.8.x prior to 8.8.8 Patch 9, and 8.8.9 prior to 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authenticati...
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite 8.8.8
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.9
1 Github repository
5.3
CVSSv3
CVE-2018-17938
Zimbra Collaboration prior to 8.8.10 GA allows text content spoofing via a loginErrorCode value.
Synacor Zimbra Collaboration Suite
5.3
CVSSv3
CVE-2018-10949
mailboxd in Zimbra Collaboration Suite 8.8 prior to 8.8.8; 8.7 prior to 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors.
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
1 Github repository
5.3
CVSSv3
CVE-2018-10950
mailboxd in Zimbra Collaboration Suite 8.8 prior to 8.8.8; 8.7 prior to 8.7.11.Patch3; and 8.6 prior to 8.6.0.Patch10 allows Information Exposure through Verbose Error Messages containing a stack dump, tracing data, or full user-context dump.
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.7.11
4.8
CVSSv3
CVE-2018-10948
Synacor Zimbra Admin UI in Zimbra Collaboration Suite prior to 8.8.0 beta 2 has Persistent XSS via mail addrs.
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.0
NA
CVE-2013-7091
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the skin parameter. NOTE: this can be leveraged to execute arbit...
Synacor Zimbra Collaboration Suite 6.0.0
Synacor Zimbra Collaboration Suite 6.0.2
Synacor Zimbra Collaboration Suite 6.0.3
Synacor Zimbra Collaboration Suite 6.0.1
Synacor Zimbra Collaboration Suite 6.0.10
Synacor Zimbra Collaboration Suite 6.0.12
Synacor Zimbra Collaboration Suite 6.0.4
Synacor Zimbra Collaboration Suite 6.0.5
Synacor Zimbra Collaboration Suite 6.0.13
Synacor Zimbra Collaboration Suite 6.0.14
Synacor Zimbra Collaboration Suite 6.0.6
Synacor Zimbra Collaboration Suite 6.0.7
Synacor Zimbra Collaboration Suite 6.0.15
Synacor Zimbra Collaboration Suite 6.0.16
Synacor Zimbra Collaboration Suite 6.0.8
Synacor Zimbra Collaboration Suite 6.0.9
2 EDB exploits
1 Nmap script
1 Github repository
1 Article
NA
CVE-2013-5119
Zimbra Collaboration Suite (ZCS) 6.0.16 and previous versions allows man-in-the-middle malicious users to obtain access by sniffing the network and replaying the ZM_AUTH_TOKEN token.
Synacor Zimbra Collaboration Suite 6.0.14
Synacor Zimbra Collaboration Suite 6.0.12
Synacor Zimbra Collaboration Suite 6.0.9
Synacor Zimbra Collaboration Suite 6.0.4
Synacor Zimbra Collaboration Suite 6.0.2
Synacor Zimbra Collaboration Suite 6.0.8
Synacor Zimbra Collaboration Suite 6.0.7
Synacor Zimbra Collaboration Suite 6.0.6
Synacor Zimbra Collaboration Suite 6.0.5
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 6.0.15
Synacor Zimbra Collaboration Suite 6.0.0
Synacor Zimbra Collaboration Suite 6.0.13
Synacor Zimbra Collaboration Suite 6.0.10
Synacor Zimbra Collaboration Suite 6.0.3
Synacor Zimbra Collaboration Suite 6.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5