Lucene search
+L

6 matches found

GithubExploit
GithubExploit
added 2024/11/22 1:56 a.m.260 views

Exploit for OS Command Injection in Zimbra Collaboration

CVE-2024-45519 CVE-2024-45519 is a high-risk vulnerability in...

10CVSS6.3AI score0.99877EPSS
Exploits4
NCSC
NCSC
added 2024/10/10 12:50 p.m.10 views

Vulnerabilities fixed in Zimbra

Synacor has fixed vulnerabilities in Zimbra Collaboration. By sending a specially prepared e-mail to the SMTP server, code execution can be obtained directly on the Zimbra server that can be used, for example, to place a webshell. Researchers have published Proof-of-Concept code that demonstrates...

10CVSS8.4AI score0.99877EPSS
Exploits4References2
CISA
CISA
added 2024/10/03 12:0 p.m.17 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-45519link is external Synacor Zimbra Collaboration Command Execution Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber...

10CVSS7.2AI score0.99877EPSS
In wildExploits4References6
The Hacker News
The Hacker News
added 2024/10/02 5:56 a.m.31 views

Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw

Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit CVE-2024-45519, a...

10CVSS9.9AI score0.99877EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2024/10/02 12:0 a.m.101 views

Zimbra Collaboration Server 8.0.0 < 8.8.15 Patch 46, 9.0.0 < 9.0.0 Patch 41, 10.0 < 10.0.9, 10.1.0 < 10.1.1 Multiple Vulnerabilities

According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities including: - Fixed a security vulnerability in the postjournal service which may allow unauthenticated users to execute commands. CVE-2024-45519 - A Server-Side Request Forgery SSRF...

10CVSS6AI score0.99877EPSS
Exploits4References11
Circl
Circl
added 2024/09/24 3:21 p.m.21 views

CVE-2024-45519

creationtimestamp| type| source ---|---|--- 2024-09-24 15:21:20+00:00| seen| https://t.me/ptswarm/220 2024-09-25 17:30:05+00:00| seen| https://t.me/truesecator/6248 2024-09-26 01:37:36+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8602 2024-09-26 14:25:00+00:00|...

10CVSS7.1AI score0.99877EPSS
Exploits4References75
Rows per page
Query Builder