Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: synacor Clear
ID Title
CVE-2025-48700 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2025-48700)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2025-48700). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-66376 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2025-66376)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2025-66376). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-7796 KEV [KEV] SSRF (Server-Side Request Forgery) in Synacor zimbra-collaboration-suite (CVE-2020-7796)
SSRF in Synacor zimbra-collaboration-suite (CVE-2020-7796). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-68645 KEV [KEV] Vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2025-68645)
vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2025-68645). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-27915 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2025-27915)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2025-27915). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-9621 KEV [KEV] SSRF (Server-Side Request Forgery) in Synacor zimbra-collaboration-suite-zcs (CVE-2019-9621)
SSRF in Synacor zimbra-collaboration-suite-zcs (CVE-2019-9621). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-27443 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2024-27443)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2024-27443). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-34192 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2023-34192)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2023-34192). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-45519 KEV [KEV] Vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2024-45519)
vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2024-45519). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-37580 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2023-37580)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2023-37580). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-27926 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27926)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27926). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-41352 KEV [KEV] Path Traversal in Synacor zimbra-collaboration-suite-zcs (CVE-2022-41352)
path traversal in Synacor zimbra-collaboration-suite-zcs (CVE-2022-41352). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-27925 KEV [KEV] Path Traversal in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27925)
path traversal in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27925). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-37042 KEV [KEV] Vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2022-37042)
vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2022-37042). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-27924 KEV [KEV] Vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27924)
vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2022-27924). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-6882 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaboration-suite-zcs (CVE-2018-6882)
cross-site scripting in Synacor zimbra-collaboration-suite-zcs (CVE-2018-6882). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-24682 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaborate-suite-zcs (CVE-2022-24682)
cross-site scripting in Synacor zimbra-collaborate-suite-zcs (CVE-2022-24682). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-9670 KEV [KEV] XXE (XML External Entity) in Synacor zimbra-collaboration-suite-zcs (CVE-2019-9670)
vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2019-9670). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2017-7288 Cross-Site Scripting (XSS) in synacor (CVE-2017-7288)
cross-site scripting in synacor (CVE-2017-7288). Risk of unauthorized operations or information disclosure.
CVE-2017-6821 Path Traversal in path-traversal (CVE-2017-6821)
path traversal in path-traversal (CVE-2017-6821). Successful exploitation can lead to full system takeover.
CVE-2017-6813 Vulnerability in synacor (CVE-2017-6813)
vulnerability in synacor (CVE-2017-6813). Successful exploitation can lead to full system takeover.
CVE-2016-3403 Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-3403)
vulnerability in csrf (CVE-2016-3403). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
CVE-2016-9924 XXE (XML External Entity) in synacor (CVE-2016-9924)
vulnerability in synacor (CVE-2016-9924). Successful exploitation can lead to full system takeover.
CVE-2016-3414 Vulnerability in synacor (CVE-2016-3414)
vulnerability in synacor (CVE-2016-3414). Risk of unauthorized operations or information disclosure.
CVE-2016-3401 Vulnerability in synacor (CVE-2016-3401)
vulnerability in synacor (CVE-2016-3401). Data can be tampered with by attackers.
CVE-2016-3402 Vulnerability in synacor (CVE-2016-3402)
vulnerability in synacor (CVE-2016-3402). Confidential information can be exposed externally.
CVE-2016-3404 Vulnerability in synacor (CVE-2016-3404)
vulnerability in synacor (CVE-2016-3404). Data can be tampered with by attackers.
CVE-2016-4019 Vulnerability in synacor (CVE-2016-4019)
vulnerability in synacor (CVE-2016-4019). Data can be tampered with by attackers.
CVE-2016-3999 Cross-Site Scripting (XSS) in synacor (CVE-2016-3999)
cross-site scripting in synacor (CVE-2016-3999). Risk of unauthorized operations or information disclosure.
CVE-2016-3415 Unsafe Deserialization in deserialization (CVE-2016-3415)
vulnerability in deserialization (CVE-2016-3415). Confidential information can be exposed externally.
CVE-2016-3405 Vulnerability in synacor (CVE-2016-3405)
vulnerability in synacor (CVE-2016-3405). Data can be tampered with by attackers.
CVE-2016-3413 Vulnerability in synacor (CVE-2016-3413)
vulnerability in synacor (CVE-2016-3413). Data can be tampered with by attackers.
CVE-2016-3412 Cross-Site Scripting (XSS) in synacor (CVE-2016-3412)
cross-site scripting in synacor (CVE-2016-3412). Risk of unauthorized operations or information disclosure.
CVE-2016-3411 Cross-Site Scripting (XSS) in synacor (CVE-2016-3411)
cross-site scripting in synacor (CVE-2016-3411). Risk of unauthorized operations or information disclosure.
CVE-2016-3410 Cross-Site Scripting (XSS) in synacor (CVE-2016-3410)
cross-site scripting in synacor (CVE-2016-3410). Risk of unauthorized operations or information disclosure.
CVE-2016-3409 Cross-Site Scripting (XSS) in synacor (CVE-2016-3409)
cross-site scripting in synacor (CVE-2016-3409). Risk of unauthorized operations or information disclosure.
CVE-2016-3408 Cross-Site Scripting (XSS) in synacor (CVE-2016-3408)
cross-site scripting in synacor (CVE-2016-3408). Risk of unauthorized operations or information disclosure.
CVE-2016-3407 Cross-Site Scripting (XSS) in synacor (CVE-2016-3407)
cross-site scripting in synacor (CVE-2016-3407). Risk of unauthorized operations or information disclosure.
CVE-2016-3406 Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-3406)
vulnerability in csrf (CVE-2016-3406). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →