Lucene search
K

24 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-5337

Malware in sbrugna...

5.5CVSS5.3AI score0.00424EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-3480

Malware in sbrugna...

6.6CVSS6.1AI score0.00391EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-6505

Malware in sbrugna...

8.4CVSS8.4AI score0.00435EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-31118

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02121EPSS
Exploits1References8
Prion
Prion
added 2022/04/01 8:15 p.m.16 views

Design/Logic Flaw

An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core = 6.30 introduced between 6.30.0 RC1e and 6.30.8 final...

7.5CVSS9.5AI score0.02121EPSS
Exploits1References8Affected Software1
UbuntuCve
UbuntuCve
added 2022/04/01 8:15 p.m.29 views

CVE-2022-26562

An issue in provider/libserver/ECKrbAuth.cpp of Kopano Core = 6.30 introduced between 6.30.0 RC1e and 6.30.8 final...

9.8CVSS7.2AI score0.02121EPSS
Exploits1References4
CVE
CVE
added 2022/04/01 12:0 a.m.110 views

CVE-2022-26562

CVE-2022-26562 describes an authentication bypass in Kopano Core = 6.30 (provider/libserver/ECPamAuth.cpp), allowing login even when the user password or account is expired. The connected documents confirm the affected components and root cause (expired-password-based auth bypass) but do not prov...

9.8CVSS9.4AI score0.02121EPSS
Exploits1References8Affected Software1
Prion
Prion
added 2018/03/19 9:29 p.m.25 views

Information disclosure

Zarafa Collaboration Platform 4.1 uses world-readable permissions for /etc/zarafa/license, which allows local users to obtain sensitive information by reading license files...

2.1CVSS6.1AI score0.00424EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2018/03/19 9:29 p.m.18 views

CVE-2014-5450

Zarafa Collaboration Platform 4.1 uses world-readable permissions for /etc/zarafa/license, which allows local users to obtain sensitive information by reading license files...

5.5CVSS5.1AI score0.00424EPSS
Exploits0References6
Cvelist
Cvelist
added 2018/03/19 9:0 p.m.20 views

CVE-2014-5450

Zarafa Collaboration Platform 4.1 uses world-readable permissions for /etc/zarafa/license, which allows local users to obtain sensitive information by reading license files...

5.1AI score0.00424EPSS
Exploits0References6
CVE
CVE
added 2018/03/19 9:0 p.m.48 views

CVE-2014-5450

CVE-2014-5450 concerns Zarafa Collaboration Platform 4.1, where /etc/zarafa/license was created with world-readable permissions, enabling local users to read license files and disclose sensitive information. Public sources in connected documents indicate this issue stems from incorrect default pe...

5.5CVSS5AI score0.00424EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/01/22 12:0 a.m.4 views

The vulnerability of the zarafa-autorespond application, which is part of the Zarafa Collaboration Platform, allows a perpetrator to increase their privileges.

The vulnerability of the zarafa-autorespond application, which is part of the Zarafa Collaboration Platform, is related to incorrect definition of links before accessing a file. Exploiting this vulnerability can allow an attacker, operating locally, to increase their privileges by manipulating...

7.2CVSS7.5AI score0.00435EPSS
Exploits0References5Affected Software2
CNVD
CNVD
added 2016/01/13 12:0 a.m.3 views

Zarafa Collaboration Platform zarafa-autorespond Privilege Gain Vulnerability

Zarafa Collaboration Platform ZCP is a suite of open source email and calendar software from Zarafa, Netherlands. A security vulnerability exists in zarafa-autorespond in versions of ZCP prior to 7.2.1. A local attacker can exploit this vulnerability to gain privileges by performing a symbolic li...

8.4CVSS6.9AI score0.00435EPSS
Exploits0References1
Prion
Prion
added 2016/01/11 3:59 p.m.21 views

Code injection

zarafa-autorespond in Zarafa Collaboration Platform ZCP before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-...

7.2CVSS7AI score0.00435EPSS
Exploits0References4Affected Software2
CNVD
CNVD
added 2015/06/10 12:0 a.m.3 views

Zarafa Collaboration Platform Local Arbitrary File Write Vulnerability

Zarafa Collaboration Platform is a suite of open source email and calendaring software. A security vulnerability in the provider/server/ECServer.cpp file of Zarafa Collaboration Platform allows a local attacker to write arbitrary files by performing a symbolic link attack on the...

6.6CVSS6.7AI score0.00391EPSS
Exploits0References1
NVD
NVD
added 2015/06/09 2:59 p.m.25 views

CVE-2015-3436

provider/server/ECServer.cpp in Zarafa Collaboration Platform ZCP before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock...

6.6CVSS6.3AI score0.00391EPSS
Exploits0References4
Prion
Prion
added 2015/06/09 2:59 p.m.22 views

Code injection

provider/server/ECServer.cpp in Zarafa Collaboration Platform ZCP before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock...

6.6CVSS6.7AI score0.00391EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2015/06/09 2:0 p.m.63 views

CVE-2015-3436

Zarafa Collaboration Platform (ZCP) is affected by CVE-2015-3436 due to a symlink attack on /tmp/zarafa-upgrade-lock in provider/server/ECServer.cpp. Affects ZCP before 7.1.13 and 7.2.x before 7.2.1, enabling local users to write arbitrary files. Remediation per sources: upgrade to 7.1.13 or 7.2....

6.6CVSS6.3AI score0.00391EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2015/06/09 2:0 p.m.36 views

CVE-2015-3436

provider/server/ECServer.cpp in Zarafa Collaboration Platform ZCP before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock...

6.2AI score0.00391EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2014/12/08 12:0 a.m.14 views

Zarafa WebApp Detection

The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

7AI score
Exploits0
Rows per page
Query Builder