Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evolution vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-6221
TuMusika Evolution 1.7R5 allows remote malicious users to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tumusika Evolution Tumusika Evolution 1.7r5
1 EDB exploit
8.8
CVSSv3
CVE-2018-1000889
Logisim Evolution version 2.14.3 and previous versions contains an XML External Entity (XXE) vulnerability in Circuit file loading functionality (loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java) that can result in information leak, possible RCE depending on system confi...
Logisim-evolution Project Logisim-evolution
NA
CVE-2006-5090
Multiple cross-site scripting (XSS) vulnerabilities in Phoenix Evolution CMS (PECMS) allow remote malicious users to inject arbitrary web script or HTML via the (1) mod or (2) action parameters in index.php, or the (3) pageid parameter in modules/pageedit/index.php. NOTE: the pro...
Phoenix Evolution Phoenix Evolution Cms
2 EDB exploits
NA
CVE-2002-1765
Evolution 1.0.3 and 1.0.4 allows remote malicious users to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header.
Ximian Evolution 1.0.3
Ximian Evolution 1.0.4
NA
CVE-2014-5590
The Snake Evolution (aka com.btwgames.snake) application 1.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Snake Evolution Project Snake Evolution 1.3.1
NA
CVE-2009-0582
The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and previous versions, and 2.25.92 and previous versions 2.25.x versions, does not validate whether a certain leng...
Gnome Evolution-data-server
Gnome Evolution-data-server 2.25.92
NA
CVE-2008-0072
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and previous versions allows remote malicious users to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.
Gnome Evolution
NA
CVE-2007-1266
Evolution 2.8.1 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users t...
Gnome Evolution
1 EDB exploit
3.3
CVSSv3
CVE-2021-3349
GNOME Evolution up to and including 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API. NOTE: third parties dispute the significance of this issue, a...
Gnome Evolution
6.5
CVSSv3
CVE-2020-11879
An issue exists in GNOME Evolution prior to 3.35.91. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make Evolution attach local files or directories to a composed email message without showing a warn...
Gnome Evolution
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »