Lucene search
K

65 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:18 p.m.9 views

CVE-2018-10948

Synacor Zimbra Admin UI in Zimbra Collaboration Suite before 8.8.0 beta 2 has Persistent XSS via mail addrs...

4.8CVSS5.9AI score0.00769EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:10 p.m.17 views

CVE-2018-18631

mailboxd component in Synacor Zimbra Collaboration Suite 8.6, 8.7 before 8.7.11 Patch 7, and 8.8 before 8.8.10 Patch 2 has Persistent XSS...

6.1CVSS7AI score0.0098EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-10347

Malware in sbrugna...

6.1CVSS6.3AI score0.0098EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-7012

Malware in sbrugna...

5.3CVSS5.5AI score0.01862EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-5387

Malware in sbrugna...

6.1CVSS6.3AI score0.00827EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-12729

Malware in sbrugna...

9.8CVSS9.5AI score0.0223EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 1:21 p.m.7 views

CVE-2018-14425

There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite ZCS Zimbra Web Client ZWC 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1...

6.1CVSS6.1AI score0.00969EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:58 a.m.6 views

CVE-2019-9670

mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection XXE vulnerability, as demonstrated by Autodiscover/Autodiscover.xml...

9.8CVSS9.7AI score0.99986EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:22 a.m.9 views

CVE-2018-20160

ZxChat aka ZeXtras Chat, as used for zimbra-chat and zimbra-talk in Synacor Zimbra Collaboration Suite 8.7 and 8.8 and in other products, allows XXE attacks, as demonstrated by a crafted XML request to mailboxd...

9.8CVSS6.8AI score0.0223EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:38 a.m.14 views

CVE-2018-15131

An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests...

5.3CVSS7.2AI score0.01862EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:31 a.m.8 views

CVE-2015-2230

Synacor Zimbra Collaboration Server 8.x before 8.7.0 has Reflected XSS in admin console...

6.1CVSS6.1AI score0.00799EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:23 a.m.10 views

CVE-2019-6980

Synacor Zimbra Collaboration Suite 8.7.x through 8.8.11 allows insecure object deserialization in the IMAP component...

9.8CVSS7AI score0.03912EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:55 a.m.7 views

CVE-2014-8563

Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS...

9.8CVSS7.5AI score0.02506EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/02/26 4:33 a.m.26 views

CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite ZCS to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerabilities in...

9.8CVSS6.5AI score0.77266EPSS
Exploits0
CISA KEV Catalog
CISA KEV Catalog
added 2024/10/03 12:0 a.m.587 views

Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability

Synacor Zimbra Collaboration Suite ZCS contains an unspecified vulnerability in the postjournal service that may allow an unauthenticated user to execute commands...

10CVSS9.5AI score0.99976EPSS
In wildExploits4
CNNVD
CNNVD
added 2024/03/31 12:0 a.m.6 views

Synacor Zimbra 跨站脚本漏洞

Synacor Zimbra is an open source email collaboration platform from Synacor, Inc. A cross-site scripting vulnerability exists in Synacor Zimbra zm-admin-ajax version 8.8.1 and prior versions, which stems from the fact that incorrect manipulation of the parameter message can lead to cross-site...

4CVSS4.2AI score0.00466EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/02/13 12:0 a.m.6 views

Synacor Zimbra Security Vulnerability

Synacor Zimbra is an open source email collaboration platform from Synacor, Inc. in the United States. A security vulnerability exists in Synacor Zimbra Collaboration. An attacker could exploit the vulnerability to inject DOM-based JavaScript...

9.1CVSS6.7AI score0.00436EPSS
Exploits0References4
CISA KEV Catalog
CISA KEV Catalog
added 2022/01/10 12:0 a.m.24 views

Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference

Synacor Zimbra Collaboration Suite ZCS contains an improper restriction of XML external entity XXE vulnerability in the mailboxd component...

9.8CVSS9.6AI score0.99986EPSS
In wildExploits4
CNVD
CNVD
added 2020/07/03 12:0 a.m.5 views

Synacor Zimbra Collaboration Suite Webmail Cross-Site Scripting Vulnerability

Synacor Zimbra Collaboration Suite ZCS is an open source collaboration suite from Synacor, USA. The product includes WebMail, calendar, address book , etc. Webmail is one of the Web-based e-mail component . A cross-site scripting vulnerability exists in the Webmail component in versions prior to...

6.1CVSS6AI score0.01387EPSS
Exploits0References1
NVD
NVD
added 2020/01/27 7:15 p.m.17 views

CVE-2014-5500

Synacor Zimbra Collaboration before 8.0.8 has XSS...

6.1CVSS6.3AI score0.00827EPSS
Exploits0References1
Rows per page
Query Builder