Filtered by vendor Kopano
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-19907 | 1 Kopano | 1 Groupware Core | 2023-03-06 | 7.5 HIGH | 9.8 CRITICAL |
HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data. | |||||
CVE-2022-26562 | 1 Kopano | 1 Groupware Core | 2023-03-06 | 7.5 HIGH | 9.8 CRITICAL |
An issue in provider/libserver/ECKrbAuth.cpp of Kopano-Core v11.0.2.51 contains an issue which allows attackers to authenticate even if the user account or password is expired. | |||||
CVE-2021-28994 | 2 Kopano, Zarafa | 2 Groupware Core, Zarafa | 2022-07-12 | 5.0 MEDIUM | 7.5 HIGH |
kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10.x through 10.0.7, and 11.x through 11.0.1 and Zarafa 6.30.x through 7.2.x allows memory exhaustion via long HTTP headers. | |||||
CVE-2017-11666 | 1 Kopano | 1 Webapp | 2017-08-07 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in js/ViewerPanel.js in the file previewer plugin in Kopano WebApp versions 3.3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via a specially crafted previewable file. |