Vulnerabilities > Zarafa > Zarafa > 6.40.16
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-31 | CVE-2021-28994 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10.x through 10.0.7, and 11.x through 11.0.1 and Zarafa 6.30.x through 7.2.x allows memory exhaustion via long HTTP headers. | 5.0 |
| 2014-07-29 | CVE-2014-0103 | Cryptographic Issues vulnerability in multiple products WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files. | 2.1 |
| 2014-04-28 | CVE-2014-0037 | Improper Input Validation vulnerability in Zarafa The ValidateUserLogon function in provider/libserver/ECSession.cpp in Zarafa 5.00 before 7.1.8 beta2 allows remote attackers to cause a denial of service (crash) via vectors related to "a NULL pointer of the username." | 5.0 |