32 matches found
CVE-2023-25267
An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 fixed in 10.0.0. There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI...
EUVD-2011-1507
Malware in sbrugna...
EUVD-2023-29229
Malicious code in bioql PyPI...
CVE-2025-2977
A vulnerability was found in GFI KerioConnect 10.0.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been...
GFI KerioConnect 代码注入漏洞
GFI KerioConnect is an enterprise-grade email and collaboration solution from GFI that provides mail, calendar, contacts, tasks, and file sharing. A code injection vulnerability exists in GFI KerioConnect version 10.0.6, which stems from a cross-site scripting vulnerability in the Signature Handl...
PT-2023-13458 · Gfi · Kerio Connect
Name of the Vulnerable Software and Affected Versions: Kerio Connect administration versions 9.4 through 9.4.1 Description: A security issue affects the administration component of Kerio Connect. The estimated number of potentially affected devices worldwide is not specified. There are reports of...
CVE-2023-25267
An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 fixed in 10.0.0. There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI...
CVE-2023-25267
An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 fixed in 10.0.0. There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI...
Stack overflow
An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 fixed in 10.0.0. There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI...
GFI Kerio Connect 缓冲区错误漏洞
GFI Kerio Connect is a mail server and all-in-one collaboration tool from GFI. A security vulnerability exists in GFI Kerio Connect versions prior to 10.0.0 that stems from the presence of a stack-based buffer overflow vulnerability...
CVE-2023-25267
GFI Kerio Connect is affected: version 9.4.1 patch 1 contains a stack-based buffer overflow in the webmail component’s 2FASetup function, exploitable via an authenticated request to webmail/api/jsonrpc using a long primaryEMailAddress. The issue is fixed in version 10.0.0. The vulnerability is as...
CVE-2023-25267
An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 fixed in 10.0.0. There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI...
CVE-2023-25267
An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 fixed in 10.0.0. There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI...
PT-2023-20010 · Gfi · Gfi Kerioconnect
Name of the Vulnerable Software and Affected Versions: GFI Kerio Connect versions 9.4.1 patch 1 through 9.4.1 patch 1 Description: An issue was discovered in the webmail component's 2FASetup function, which is vulnerable to a stack-based Buffer Overflow. This occurs via an authenticated request...
GFI Kerio Connect Detection (Windows SMB Login)
This script detects the installed version of GFI Kerio Connect for Windows. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Kerio Connect and Kerio Connect Client for Windows and Mac Clickjacking Vulnerability
Kerio Connect is a professional mail mail server setup software.Kerio Connect Client for Windows and Mac is a desktop application for Windows and Mac with features to manage email, chat messages, calendar, contacts, tasks and notes. A security vulnerability exists in Kerio Connect versions 8.0.0...
CVE-2017-7440
Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjacking attacks via a crafted e-mail message...
Code injection
Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjacking attacks via a crafted e-mail message...
CVE-2017-7440
Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjacking attacks via a crafted e-mail message...
CVE-2017-7440
Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjacking attacks via a crafted e-mail message...