Lucene search
+L

9 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:49 a.m.13 views

CVE-2022-27924

Zimbra Collaboration aka ZCS 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. These memcache commands becomes unescaped, causing an overwrite of arbitrary cached entries...

7.5CVSS7.4AI score0.85398EPSS
Exploits2References1
Imperva Blog
Imperva Blog
added 2024/10/14 5:45 p.m.36 views

Imperva Defends Against Targeted Exploits Used By APT29 Hackers

Recently, U.S. and U.K. cyber agencies have warned of a renewed wave of attacks led by Russian APT29 hackers. These sophisticated threat actors have been actively exploiting vulnerabilities in Zimbra Collaboration Suite and JetBrains TeamCity, specifically CVE-2022-27924 and CVE-2023-42793, to...

9.8CVSS7.8AI score0.99979EPSS
Exploits19
The Hacker News
The Hacker News
added 2024/10/11 8:34 a.m.36 views

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance

The U.S. Cybersecurity and Infrastructure Security Agency CISA is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager LTM module to conduct reconnaissance of target networks. It said the module is being used to...

9.8CVSS10AI score0.99979EPSS
Exploits19
Circl
Circl
added 2023/06/14 9:10 p.m.14 views

CVE-2022-27924

creationtimestamp| type| source ---|---|--- 2023-06-14 21:10:04+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-03 23:25:04+00:00| seen| https://t.me/arpsyndicate/1056 2024-12-24 20:32:39+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/2971675 2025-02-23 02:10:36+00:00|...

7.5CVSS7.4AI score0.85398EPSS
Exploits2References6
The Hacker News
The Hacker News
added 2022/08/05 5:54 a.m.115 views

CISA Adds Zimbra Email Vulnerability to its Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a recently disclosed high-severity vulnerability in the Zimbra email suite to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue in question is CVE-2022-27924 CVSS score:...

7.5CVSS2AI score0.85398EPSS
Exploits2
VulnCheck KEV
VulnCheck KEV
added 2022/08/04 12:0 a.m.3 views

VulnCheck KEV: CVE-2022-27924

Synacor Zimbra Collaboration Suite ZCS allows an attacker to inject memcache commands into a targeted instance which causes an overwrite of arbitrary cached entries...

7.5CVSS7.5AI score0.85398EPSS
Exploits2References1
Check Point Advisories
Check Point Advisories
added 2022/07/20 12:0 a.m.19 views

Zimbra Collaboration CRLF Injection (CVE-2022-27924)

A CRLF injection vulnerability exists in Zimbra Collaboration. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

5CVSS5.6AI score0.85398EPSS
Exploits2
The Hacker News
The Hacker News
added 2022/06/14 3:13 p.m.100 views

New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials

A new high-severity vulnerability has been disclosed in the Zimbra email suite that, if successfully exploited, enables an unauthenticated attacker to steal cleartext passwords of users sans any user interaction. "With the consequent access to the victims' mailboxes, attackers can potentially...

7.5CVSS0.2AI score0.85398EPSS
Exploits2
CVE
CVE
added 2022/04/20 11:23 p.m.950 views

CVE-2022-27924

CVE-2022-27924 affects Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0, allowing an unauthenticated attacker to inject arbitrary memcache commands into a targeted ZCS instance, with those commands becoming unescaped and enabling overwriting of arbitrary cached entries and extraction of credential...

7.5CVSS7.8AI score0.85398EPSS
In wildExploits2References4Affected Software1
Rows per page
Query Builder