Filtered by vendor Gfi Subscriptions
Filtered by product Kerio Connect Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-25267 1 Gfi 1 Kerio Connect 2024-11-21 8.8 High
An issue was discovered in GFI Kerio Connect 9.4.1 patch 1 (fixed in 10.0.0). There is a stack-based Buffer Overflow in the webmail component's 2FASetup function via an authenticated request with a long primaryEMailAddress field to the webmail/api/jsonrpc URI.
CVE-2017-7440 3 Apple, Gfi, Microsoft 4 Macos, Kerio Connect, Kerio Connect Client and 1 more 2024-11-21 6.5 Medium
Kerio Connect 8.0.0 through 9.2.2, and Kerio Connect Client desktop application for Windows and Mac 9.2.0 through 9.2.2, when e-mail preview is enabled, allows remote attackers to conduct clickjacking attacks via a crafted e-mail message.