Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
the address book the address book vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2014-4352
Address Book in Apple iOS prior to 8 relies on the hardware UID for its encryption key, which makes it easier for physically proximate malicious users to obtain sensitive information by obtaining this UID.
Apple Iphone Os 7.0.6
Apple Iphone Os 7.0.5
Apple Iphone Os
Apple Iphone Os 7.0.2
Apple Iphone Os 7.0.1
Apple Iphone Os 7.0
Apple Iphone Os 7.1.1
Apple Iphone Os 7.1
Apple Iphone Os 7.0.4
Apple Iphone Os 7.0.3
3.5
CVSSv2
CVE-2021-46447
A cross-site scripting (XSS) vulnerability in H.H.G Multistore v5.1.0 and below allows malicious users to execute arbitrary web scripts or HTML via a crafted payload inserted into the State parameter under the Address Book module.
Hhg-multistore Multistore 4.10.3
Hhg-multistore Multistore
6.8
CVSSv2
CVE-2010-0885
Unspecified vulnerability in the Sun Java System Communications Express component in Oracle Sun Product Suite 6 2005Q4 (6.2) and and 6.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Address Book.
Oracle Sun Products Suite 6.3
Oracle Sun Products Suite 6.2
4.3
CVSSv2
CVE-2011-1335
Cross-site scripting (XSS) vulnerability in Cybozu Office 6, 7, and 8 prior to 8.1.1 allows remote malicious users to inject arbitrary web script or HTML via vectors related to the "address book and user list functions."
Cybozu Office 6
Cybozu Office 7
Cybozu Office 8
4.3
CVSSv2
CVE-2011-3444
Address Book in Apple Mac OS X prior to 10.7.3 automatically switches to unencrypted sessions upon failure of encrypted connections, which allows remote malicious users to read CardDAV data by terminating an encrypted connection and then sniffing the network.
Apple Mac Os X 10.7.0
Apple Mac Os X Server 10.7.1
Apple Mac Os X 10.7.1
Apple Mac Os X
Apple Mac Os X Server 10.7.0
Apple Mac Os X Server
3.5
CVSSv2
CVE-2018-8928
Cross-site scripting (XSS) vulnerability in Address Book Editor in Synology CardDAV Server prior to 6.0.8-0086 allows remote authenticated users to inject arbitrary web script or HTML via the (1) family_name, (2) given_name, or (3) additional_name parameter.
Synology Carddav Server
6.8
CVSSv2
CVE-2014-9587
Multiple cross-site request forgery (CSRF) vulnerabilities in Roundcube Webmail prior to 1.0.4 allow remote malicious users to hijack the authentication of unspecified victims via unknown vectors, related to (1) address book operations or the (2) ACL or (3) Managesieve plugins.
Roundcube Webmail
4.3
CVSSv2
CVE-2018-19887
An invalid memory address dereference exists in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 4 case.
Audiocoding Freeware Advanced Audio Coder 1.29.9.2
4.3
CVSSv2
CVE-2018-19886
An invalid memory address dereference exists in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 8 case.
Audiocoding Freeware Advanced Audio Coder 1.29.9.2
4.3
CVSSv2
CVE-2018-19889
An invalid memory address dereference exists in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 6 case.
Audiocoding Freeware Advanced Audio Coder 1.29.9.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »