Filtered by vendor Gfi
Subscribe
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25267 | 1 Gfi | 1 Kerio Connect | 2024-11-21 | N/A | 8.8 HIGH |
| An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 (fixed in 10.0.0). There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI. | |||||
| CVE-2021-29281 | 1 Gfi | 1 Archiver | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317. | |||||
| CVE-2019-16414 | 1 Gfi | 1 Kerio Control | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's cleartext credentials to an attacker via a login/?reason=failure&NTLM= URI. | |||||