Vulnerabilidades en GFI
15 resultadosCVE-2024-52875HIGHAn issue was discovered in GFI Kerio Control 9.2.5 through 9.4.5. The dest GET parameter passed to the /nonauth/addCertException.cs and /nonEPSS 27.3%CVE-2024-11948CRITICALGFI Archiver Telerik Web UI Remote Code Execution VulnerabilityEPSS 1.4%CVE-2026-2037HIGHGFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 1.1%CVE-2026-2036HIGHGFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 1.1%CVE-2024-11947HIGHGFI Archiver Core Service Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.8%CVE-2024-11949HIGHGFI Archiver Store Service Deserialization of Untrusted Data Remote Code Execution VulnerabilityEPSS 0.8%CVE-2025-34491HIGHGFI MailEssentials < 21.8 MultiNode Insecure DeserializationEPSS 0.7%CVE-2026-2039HIGHGFI Archiver MArc.Store Missing Authorization Authentication Bypass VulnerabilityEPSS 0.7%CVE-2026-2038HIGHGFI Archiver MArc.Core Missing Authorization Authentication Bypass VulnerabilityEPSS 0.7%CVE-2025-34490MEDIUMGFI MailEssentials < 21.8 XXE Arbitrary File ReadEPSS 0.6%CVE-2025-35940HIGHHard-coded ArchiverSpaApi JWT Signing KeyEPSS 0.3%CVE-2025-34489HIGHGFI MailEssentials < 21.8 Local Privilege EscalationEPSS 0.3%CVE-2025-2977MEDIUMGFI KerioConnect PDF File cross site scriptingEPSS 0.3%CVE-2025-2975MEDIUMGFI KerioConnect Signature EditHtmlSource cross site scriptingEPSS 0.3%CVE-2025-2976MEDIUMGFI KerioConnect File Upload cross site scriptingEPSS 0.2%