evolution vulnerabilities and exploits

6.5
CVSSv2
CVE-2018-4407

A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5....

AppleIphone OsMac Os XTvosWatchos
7.5
CVSSv2
CVE-2019-5420

There is a possible a possible remote code executing exploit in Rails when in development mode. With some knowledge of a target application it is possible for an attacker to guess the automatically generated development mode secret token. This secret token can be used in...

RubyonrailsRailsDebianDebian Linux
NA
CVE-2018-18508

Hanno Böck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service....

NA
CVE-2013-1752

Python is updated to address multiple security issues....

4.3
CVSSv2
CVE-2018-15587

GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment....

10
CVSSv2
CVE-2018-15982

Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution....

3.5
CVSSv2
CVE-2018-16637

Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI....

3.5
CVSSv2
CVE-2018-16638

Evolution CMS 1.4.x allows XSS via the manager/ search parameter....

6.8
CVSSv2
CVE-2018-1000889

Logisim Evolution version 2.14.3 and earlier contains an XML External Entity (XXE) vulnerability in Circuit file loading functionality (loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java) that can result in information leak, possible RCE depending on system configuration....

9.3
CVSSv2
CVE-2018-8587

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook....

MicrosoftOfficeOffice 365 Proplus