Synacor Zimbra Collaboration Suite up to 8.8.15 Patch 22/9.0.0 Patch 15 Auth Token /preauth redirectURL

A vulnerability classified as problematic has been found in Synacor Zimbra Collaboration Suite up to 8.8.15 Patch 22/9.0.0 Patch 15 (Groupware Software). Affected is an unknown functionality of the file /preauth of the component Auth Token Handler. Applying the patch 8.8.15 Patch 23/9.0.0 Patch 16 is able to eliminate this problem. The bugfix is ready for download at wiki.zimbra.com.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-21511 : MYSQL2 UP TO 3.9.6 READCODEFOR TIMEZONE CODE INJECTION

CVE-2024-21511 : MYSQL2 UP TO 3.9.6 READCODEFOR TIMEZONE CODE INJECTION

Description Versions of the package mysql2 before 3.9.7 are vulnerable to Arbitrary Code Injection due to improper sanitization of the

CVE-2024-29733 : APACHE AIRFLOW UP TO 3.6.X FTP PROVIDER CERTIFICATE VALIDATION

CVE-2024-29733 : APACHE AIRFLOW UP TO 3.6.X FTP PROVIDER CERTIFICATE VALIDATION

Description Improper Certificate Validation vulnerability in Apache Airflow FTP Provider. The FTP hook lacks complete certificate validation in FTP_TLS connections,

CVE-2024-29204 : IVANTI AVALANCHE UP TO 6.4.2 WLAVALANCHESERVICE HEAP-BASED OVERFLOW

CVE-2024-29204 : IVANTI AVALANCHE UP TO 6.4.2 WLAVALANCHESERVICE HEAP-BASED OVERFLOW

Description A Heap Overflow vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute