Zimbra Collaboration Server CVEs and Security Vulnerabilities

Export limit exceeded: 23315 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2015-6541	1 Zimbra	1 Zimbra Collaboration Server	2025-04-12	N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra Collaboration Server (ZCS) before 8.5 allow remote attackers to hijack the authentication of arbitrary users for requests that change account preferences via a SOAP request to service/soap/BatchRequest.
CVE-2016-5721	1 Zimbra	1 Zimbra Collaboration Server	2025-04-12	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Page 1 of 1.