65 matches found
CVE-2018-10948
Synacor Zimbra Admin UI in Zimbra Collaboration Suite before 8.8.0 beta 2 has Persistent XSS via mail addrs...
CVE-2018-18631
mailboxd component in Synacor Zimbra Collaboration Suite 8.6, 8.7 before 8.7.11 Patch 7, and 8.8 before 8.8.10 Patch 2 has Persistent XSS...
EUVD-2018-10347
Malware in sbrugna...
EUVD-2018-7012
Malware in sbrugna...
EUVD-2014-5387
Malware in sbrugna...
EUVD-2018-12729
Malware in sbrugna...
CVE-2018-14425
There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite ZCS Zimbra Web Client ZWC 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1...
CVE-2019-9670
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection XXE vulnerability, as demonstrated by Autodiscover/Autodiscover.xml...
CVE-2018-20160
ZxChat aka ZeXtras Chat, as used for zimbra-chat and zimbra-talk in Synacor Zimbra Collaboration Suite 8.7 and 8.8 and in other products, allows XXE attacks, as demonstrated by a crafted XML request to mailboxd...
CVE-2018-15131
An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests...
CVE-2015-2230
Synacor Zimbra Collaboration Server 8.x before 8.7.0 has Reflected XSS in admin console...
CVE-2019-6980
Synacor Zimbra Collaboration Suite 8.7.x through 8.8.11 allows insecure object deserialization in the IMAP component...
CVE-2014-8563
Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS...
CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite ZCS to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerabilities in...
Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability
Synacor Zimbra Collaboration Suite ZCS contains an unspecified vulnerability in the postjournal service that may allow an unauthenticated user to execute commands...
Synacor Zimbra 跨站脚本漏洞
Synacor Zimbra is an open source email collaboration platform from Synacor, Inc. A cross-site scripting vulnerability exists in Synacor Zimbra zm-admin-ajax version 8.8.1 and prior versions, which stems from the fact that incorrect manipulation of the parameter message can lead to cross-site...
Synacor Zimbra Security Vulnerability
Synacor Zimbra is an open source email collaboration platform from Synacor, Inc. in the United States. A security vulnerability exists in Synacor Zimbra Collaboration. An attacker could exploit the vulnerability to inject DOM-based JavaScript...
Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference
Synacor Zimbra Collaboration Suite ZCS contains an improper restriction of XML external entity XXE vulnerability in the mailboxd component...
Synacor Zimbra Collaboration Suite Webmail Cross-Site Scripting Vulnerability
Synacor Zimbra Collaboration Suite ZCS is an open source collaboration suite from Synacor, USA. The product includes WebMail, calendar, address book , etc. Webmail is one of the Web-based e-mail component . A cross-site scripting vulnerability exists in the Webmail component in versions prior to...
CVE-2014-5500
Synacor Zimbra Collaboration before 8.0.8 has XSS...