Vulnerabilities > Zarafa

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-31	CVE-2021-28994	Allocation of Resources Without Limits or Throttling vulnerability in multiple products kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10.x through 10.0.7, and 11.x through 11.0.1 and Zarafa 6.30.x through 7.2.x allows memory exhaustion via long HTTP headers. network low complexity kopano zarafa CWE-770	7.5
2019-04-11	CVE-2019-7219	Cross-site Scripting vulnerability in Zarafa Webaccess 7.2.048204 Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa Webapp 2.0.1.47791 and earlier. network low complexity zarafa CWE-79	6.1
2018-03-19	CVE-2014-5450	Information Exposure vulnerability in Zarafa Collaboration Platform 4.1 Zarafa Collaboration Platform 4.1 uses world-readable permissions for /etc/zarafa/license, which allows local users to obtain sensitive information by reading license files. local low complexity zarafa CWE-200	5.5
2016-01-11	CVE-2015-6566	Link Following vulnerability in multiple products zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*. local low complexity zarafa fedoraproject CWE-59	8.4

Vulnerabilities > Zarafa {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Zarafa"}]}