Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evolution vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-39361
In GNOME evolution-rss up to and including 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
Gnome Evolution-rss
7.5
CVSSv2
CVE-2003-0296
The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.
Ximian Evolution 1.2.4
3.5
CVSSv2
CVE-2020-23238
Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature.
Evo Evolution Cms 2.0.2
7.5
CVSSv2
CVE-2006-4678
PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote malicious users to execute arbitrary PHP code via the _NE[AbsPath] parameter in (1) install.php and (2) migrateNE2toNE3.php.
Comscripts News Evolution 3.0.3
1 EDB exploit
NA
CVE-2023-43340
Cross-site scripting (XSS) vulnerability in evolution v.3.2.3 allows a local malicious user to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters
Evo Evolution Cms 3.2.3
NA
CVE-2023-43341
Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local malicious user to execute arbitrary code via a crafted payload injected uid parameter.
Evo Evolution Cms 3.2.3
3.5
CVSSv2
CVE-2019-14518
Evolution CMS 2.0.x allows XSS via a description and new category location in a template. NOTE: the vendor states that the behavior is consistent with the "access policy in the administration panel.
Modx Evolution Cms 2.0.0
4.3
CVSSv2
CVE-2011-3355
evolution-data-server3 3.0.3 up to and including 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the v...
Gnome Evolution-data-server3
6.8
CVSSv2
CVE-2007-1002
Format string vulnerability in the write_html function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote malicious users to execute arbitrary code via format specifiers in the categories of ...
Evolution Shared Memo 2.8.2.1
6.8
CVSSv2
CVE-2009-3721
Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially ...
Gnome Evolution
Ytnef Project Ytnef
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »