Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evolution vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1108
Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is disabled, allows remote malicious users to execute arbitrary code via a long timezone string in an iCalendar attachment.
Gnome Evolution 2.2.1
NA
CVE-2008-1109
Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote malicious users to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Calendars window).
Gnome Evolution 2.22.1
5.2
CVSSv3
CVE-2023-43340
Cross-site scripting (XSS) vulnerability in evolution v.3.2.3 allows a local malicious user to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters
Evo Evolution Cms 3.2.3
6.1
CVSSv3
CVE-2023-43341
Cross-site scripting (XSS) vulnerability in evolution evo v.3.2.3 allows a local malicious user to execute arbitrary code via a crafted payload injected uid parameter.
Evo Evolution Cms 3.2.3
5.4
CVSSv3
CVE-2020-23238
Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature.
Evo Evolution Cms 2.0.2
NA
CVE-2007-1002
Format string vulnerability in the write_html function in calendar/gui/e-cal-component-memo-preview.c in Evolution Shared Memo 2.8.2.1, and possibly earlier versions, allows user-assisted remote malicious users to execute arbitrary code via format specifiers in the categories of ...
Evolution Shared Memo 2.8.2.1
7.3
CVSSv3
CVE-2011-3355
evolution-data-server3 3.0.3 up to and including 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the v...
Gnome Evolution-data-server3
5.4
CVSSv3
CVE-2019-14518
Evolution CMS 2.0.x allows XSS via a description and new category location in a template. NOTE: the vendor states that the behavior is consistent with the "access policy in the administration panel.
Modx Evolution Cms 2.0.0
NA
CVE-2006-4678
PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote malicious users to execute arbitrary PHP code via the _NE[AbsPath] parameter in (1) install.php and (2) migrateNE2toNE3.php.
Comscripts News Evolution 3.0.3
1 EDB exploit
7.8
CVSSv3
CVE-2009-3721
Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially ...
Gnome Evolution
Ytnef Project Ytnef
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »