Synacor Zimbra_collaboration_suite

23 CVEs affecting Synacor Zimbra_collaboration_suite. Latest disclosed: 2017-05-23. Critical: 4, High: 7.

Top CVEs affecting Synacor Zimbra_collaboration_suite
CVESeverityScorePublishedSummary
CVE-2017-6821Critical9.82017-05-23Directory traversal vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.7.6 allows attackers to have unspecified impact via unknown vectors.
CVE-2017-6813Critical9.82017-05-23A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 fails to require needed privileges before performing a few requested operations.
CVE-2016-9924Critical9.82017-03-29Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External Entity (XXE) attacks.
CVE-2016-3415Critical9.12017-01-18Zimbra Collaboration before 8.7.0 allows remote attackers to conduct deserialization attacks via unspecified vectors, aka bug 102276.
CVE-2016-3403High8.82017-05-17Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Zimbra Collaboration before 8.6.0 Patch 8 allow remote attackers to hijack t…
CVE-2016-3406High8.82017-01-18Multiple cross-site request forgery (CSRF) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to hijack the authentication of unspecif…
CVE-2016-4019High7.52017-01-18Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 104477.
CVE-2016-3413High7.52017-01-18Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 103996.
CVE-2016-3405High7.52017-01-18Multiple unspecified vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to affect integrity via unknown vectors, aka bugs 103961 and 1…
CVE-2016-3404High7.52017-01-18Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 103959.
CVE-2016-3402High7.52017-01-18Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect confidentiality via unknown vectors, aka bug 99167.
CVE-2016-3414Medium6.52017-01-18Unspecified vulnerability in Zimbra Collaboration before 8.6.0 Patch 7 allows remote authenticated users to affect availability via unknown vectors, aka bug 10…
CVE-2016-3401Medium6.52017-01-18Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote authenticated users to affect integrity via unknown vectors, aka bug 99810.
CVE-2017-7288Medium6.12017-05-23Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (ZCS) before 8.7.1 allows remote attackers to inject arbitrary web script or HTML via un…
CVE-2016-3999Medium6.12017-01-18Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unsp…
CVE-2016-3412Medium6.12017-01-18Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unsp…
CVE-2016-3411Medium6.12017-01-18Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified ve…
CVE-2016-3410Medium6.12017-01-18Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unsp…
CVE-2016-3409Medium6.12017-01-18Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified ve…
CVE-2016-3408Medium6.12017-01-18Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified ve…