Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

collaboration suite vulnerabilities and exploits

(subscribe to this query)

3.5
CVSSv2
CVE-2018-10948
Synacor Zimbra Admin UI in Zimbra Collaboration Suite before 8.8.0 beta 2 has Persistent XSS via mail addrs....
Synacor Zimbra Collaboration SuiteSynacor Zimbra Collaboration Suite 8.8.0
5
CVSSv2
CVE-2018-10949
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors....
Synacor Zimbra Collaboration Suite 8.6.0Synacor Zimbra Collaboration Suite
6.8
CVSSv2
CVE-2020-7796
Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled....
Synacor Zimbra Collaboration SuiteSynacor Zimbra Collaboration Suite 8.8.15
3.5
CVSSv2
CVE-2017-8802
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.8.0 Beta2 might allow remote attackers to inject arbitrary web script or HTML via vectors related to the "Show Snippet" functionality....
Synocor Zimbra Collaboration SuiteSynocor Zimbra Collaboration Suite 8.8.0
4.3
CVSSv2
CVE-2020-13653
An XSS vulnerability exists in the Webmail component of Zimbra Collaboration Suite before 8.8.15 Patch 11. It allows an attacker to inject executable JavaScript into the account name of a user's profile. The injected code can be reflected and executed when changing an...
Synacor Zimbra Collaboration SuiteSynacor Zimbra Collaboration Suite 8.8.15
6.5
CVSSv2
CVE-2005-3526
Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite 2006.02 and earlier allows remote authenticated users to execute arbitrary code via a long FETCH command....
Ipswitch Ipswitch Collaboration Suite 2006.02 PremiumIpswitch Ipswitch Collaboration Suite 2006.02 Standard
7.5
CVSSv2
CVE-2005-2931
Format string vulnerability in the SMTP service in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to execute arbitrary code via format string specifiers to the (1) EXPN, (2) MAIL, (3) MAIL FROM, and (4) RCPT TO commands....
Ipswitch Imail Server 8.20Ipswitch Ipswitch Collaboration Suite 2.0Ipswitch Ipswitch Collaboration Suite 2.01
4
CVSSv2
CVE-2005-2923
The IMAP server in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to cause a denial of service (crash) via a long argument to the LIST command, which causes IMail Server to reference invalid memory....
Ipswitch Imail Server 8.20Ipswitch Ipswitch Collaboration Suite 2.0Ipswitch Ipswitch Collaboration Suite 2.01
10
CVSSv2
CVE-2006-3715
Unspecified vulnerability in Calendar for Oracle Collaboration Suite 10.1.2 has unknown impact and attack vectors, aka Oracle Vuln# OCS01....
Oracle Collaboration Suite 10.1.2
7.5
CVSSv2
CVE-2017-6813
A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 fails to require needed privileges before performing a few requested operations....
Synacor Zimbra Collaboration Suite
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
unspecifiedbuffer overflowCVE-2021-0404microsoftrace conditionCVE-2021-23965CVE-2021-21298CVE-2021-24093CVE-2021-21724CVE-2021-25281.net