Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
collaboration suite vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2015-7610
Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) prior to 8.6.0 Patch 10, 8.7.x prior to 8.7.11 Patch 2, and 8.8.x prior to 8.8.8 Patch 1 allows remote malicious users to hijack the authentication of unspecified victims by ...
Zimbra Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.7.11
383
VMScore
CVE-2018-10939
Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 prior to 8.8.8.Patch4 and 8.7 prior to 8.7.11.Patch4 has Persistent XSS via a contact group.
Synacor Zimbra Collaboration Suite 8.8.8
Zimbra Zimbra Collaboration Suite 8.8.8
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite
383
VMScore
CVE-2018-14425
There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 prior to 8.8.8 Patch 7 and 8.8.9 prior to 8.8.9 Patch 1.
Synacor Zimbra Collaboration Suite 8.8.8
Synacor Zimbra Collaboration Suite 8.8.9
Synacor Zimbra Collaboration Suite
445
VMScore
CVE-2018-10950
mailboxd in Zimbra Collaboration Suite 8.8 prior to 8.8.8; 8.7 prior to 8.7.11.Patch3; and 8.6 prior to 8.6.0.Patch10 allows Information Exposure through Verbose Error Messages containing a stack dump, tracing data, or full user-context dump.
Synacor Zimbra Collaboration Suite 8.6.0
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.7.11
356
VMScore
CVE-2018-10951
mailboxd in Zimbra Collaboration Suite 8.8 prior to 8.8.8; 8.7 prior to 8.7.11.Patch3; and 8.6 prior to 8.6.0.Patch10 allows zimbraSSLPrivateKey read access via a GetServer, GetAllServers, or GetAllActiveServers call in the Admin SOAP API.
Zimbra Zimbra Collaboration Suite 8.6
Zimbra Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite
534
VMScore
CVE-2020-12846
Zimbra prior to 8.8.15 Patch 10 and 9.x prior to 9.0.0 Patch 3 allows remote code execution via an avatar file. There is potential abuse of /service/upload servlet in the webmail subsystem. A user can upload executable files (exe,sh,bat,jar) in the Contact section of the mailbox ...
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.15
Synacor Zimbra Collaboration Suite 9.0.0
890
VMScore
CVE-2005-3454
Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10g Release 1 version 10.1.1 and 9i Release 2 9.0.4.2 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) OCS01, (2) OCS02, (3) OCS03, and (4) OCS04 for Calendar; (5) OCS05, (6) OCS06, (7) OC...
Oracle Collaboration Suite 10.1.1
Oracle Collaboration Suite 9.0.4.2
383
VMScore
CVE-2008-1226
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration Suite (ZCS) 4.0.3, 4.5.6, and possibly other versions prior to 4.5.10 allow remote malicious users to inject arbitrary web script or HTML via an e-mail attachment, possibly involving a (1) .jpg or (2) .gi...
Zimbra Collaboration Suite 4.0.3
Zimbra Collaboration Suite 4.5.6
757
VMScore
CVE-2019-9670
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x prior to 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover/Autodiscover.xml.
Synacor Zimbra Collaboration Suite 8.7.11
Synacor Zimbra Collaboration Suite
1 EDB exploit
6 Github repositories
445
VMScore
CVE-2020-8633
An issue exists in Zimbra Collaboration Suite (ZCS) prior to 8.8.15 Patch 7. When grantors revoked a shared calendar in Outlook, the calendar stayed mounted and accessible.
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite 8.8.15
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »