CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

RedhatCVE•added 2026/01/09 12:41 p.m.•5 views

CVE-2023-25267

An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 fixed in 10.0.0. There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI...

8.8CVSS6.8AI score0.00425EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2017-16830

Malware in sbrugna...

6.1CVSS6.2AI score0.00545EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-29229

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00425EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-39697

Malicious code in bioql PyPI...

5.7CVSS6AI score0.00449EPSS

Exploits0References2

Prion•added 2023/03/15 10:15 p.m.•15 views

Stack overflow

6.5CVSS8.5AI score0.00425EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2023/03/15 12:0 a.m.•4 views

CVE-2023-25267

8.6AI score0.00425EPSS

Exploits1References2

Cvelist•added 2023/03/15 12:0 a.m.•12 views

CVE-2023-25267

8.8AI score0.00425EPSS

Exploits1References2

Positive Technologies•added 2023/03/15 12:0 a.m.•19 views

PT-2023-20010 · Gfi · Gfi Kerioconnect

Name of the Vulnerable Software and Affected Versions: GFI Kerio Connect versions 9.4.1 patch 1 through 9.4.1 patch 1 Description: An issue was discovered in the webmail component's 2FASetup function, which is vulnerable to a stack-based Buffer Overflow. This occurs via an authenticated request...

8.8CVSS8.4AI score0.00425EPSS

Exploits1References5

Tenable Nessus•added 2020/11/13 12:0 a.m.•32 views

Zimbra Collaboration Server < 8.8.15 P11 / 9.x < 9.0.0 P4 XSS

According to its self-reported version number, Zimbra Collaboration Server is below 8.8.15 Patch 11, or 9.x prior to 9.0.0 Patch 4. It is, therefore, affected by a cross-site scripting XSS vulnerability in the Webmail component. An unauthenticated, remote attacker can exploit this, by convincing ...

6.1CVSS6AI score0.01248EPSS

Exploits0References3

CNVD•added 2017/09/04 12:0 a.m.•1 views

IceWarp Server webmail component cross-site scripting vulnerability

IceWarp Server is a mail server product from IceWarp USA. The product supports email archiving, SmartAttach attachments, automatic migration, etc. webmail component is one of the mailbox components. A cross-site scripting vulnerability exists in the 'language' parameter of the webmail component i...

6.1CVSS5.9AI score0.00545EPSS

Exploits0References1

OSV•added 2017/08/31 9:29 p.m.•1 views

CVE-2017-7855

In the webmail component in IceWarp Server 11.3.1.5, there was an XSS vulnerability discovered in the "language" parameter...

6.1CVSS5.8AI score

Exploits0References1

Prion•added 2017/08/31 9:29 p.m.•12 views

Design/Logic Flaw

In the webmail component in IceWarp Server 11.3.1.5, there was an XSS vulnerability discovered in the "language" parameter...

4.3CVSS5.9AI score0.00545EPSS

Exploits0References1Affected Software1

Cvelist•added 2017/08/31 9:0 p.m.•14 views

CVE-2017-7855

In the webmail component in IceWarp Server 11.3.1.5, there was an XSS vulnerability discovered in the "language" parameter...

6AI score0.00545EPSS

Exploits0References1

seebug.org•added 2014/07/01 12:0 a.m.•14 views

Kerio Mailserver 5.6.3 list Module Overflow

No description provided by source. source: http://www.securityfocus.com/bid/7967/info Multiple buffer overrun vulnerabilities have been discovered in Kerio MailServer, which affect the webmail component. The problem occurs when handling usernames of excessive length and likely occurs due to...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•13 views

Kerio Mailserver 5.6.3 do_map Module Overflow

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•20 views

Kerio Mailserver 5.6.3 subscribe Module Overflow

7.1AI score

Exploits0

OpenVAS•added 2012/08/10 12:0 a.m.•18 views

Debian Security Advisory DSA 2485-1 (imp4)

The remote host is missing an update to imp4 announced via advisory DSA 2485-1. OpenVAS Vulnerability Test $Id: deb24851.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2485-1 imp4 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

4.3CVSS0.2AI score0.00618EPSS

Exploits0

securityvulns•added 2012/06/18 12:0 a.m.•48 views

[SECURITY] [DSA 2485-1] imp4 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2485-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst June 3, 2012 http://www.debian.org/security/faq -...

4.3CVSS1.7AI score0.00618EPSS

Exploits0

OSV•added 2012/06/03 12:0 a.m.•15 views

DSA-2485-1 imp4 - cross site scripting

Bulletin has no description...

4.3CVSS6.1AI score0.00618EPSS

Exploits0

Prion•added 2009/07/28 7:30 p.m.•9 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Integration page in the WebMail component in Kerio MailServer 6.6.0, 6.6.1, 6.6.2, and 6.7.0 allows remote attackers to inject arbitrary web script or HTML via an e-mail message...

4.3CVSS6.1AI score0.00357EPSS

Exploits0References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by