Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
calendar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-30678
Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows malicious users to write arbitrary file.
Samsung Calendar
356
VMScore
CVE-2018-13299
Relative path traversal vulnerability in Attachment Uploader in Synology Calendar prior to 2.2.2-0532 allows remote authenticated users to upload arbitrary files via the filename parameter.
Synology Calendar
NA
CVE-2022-27617
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology Calendar prior to 2.3.4-0631 allows remote authenticated users to download arbitrary files via unspecified vectors.
Synology Calendar
NA
CVE-2023-33183
Calendar app for Nextcloud easily sync events from various devices with your Nextcloud. Some internal paths of the website are disclosed when the SMTP server is unavailable. It is recommended that the Calendar app is updated to 3.5.5 or 4.2.3
Nextcloud Calendar
356
VMScore
CVE-2017-15891
Improper access control vulnerability in SYNO.Cal.EventBase in Synology Calendar prior to 2.0.1-0242 allows remote authenticated users to modify calendar event via unspecified vectors.
Synology Calendar
NA
CVE-2023-48308
Nextcloud/Cloud is a calendar app for Nextcloud. An attacker can gain access to stacktrace and internal paths of the server when generating an exception while editing a calendar appointment. It is recommended that the Nextcloud Calendar app is upgraded to 4.5.3
Nextcloud Calendar
668
VMScore
CVE-2022-24838
Nextcloud Calendar is a calendar application for the nextcloud framework. SMTP Command Injection in Appointment Emails via Newlines: as newlines and special characters are not sanitized in the email value in the JSON request, a malicious attacker can inject newlines to break out ...
Nextcloud Calendar
NA
CVE-2023-21464
Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local malicious user to configure improper status.
Samsung Calendar
NA
CVE-2022-39915
Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows malicious users to access sensitive information via implicit intent.
Samsung Calendar
312
VMScore
CVE-2018-18872
The Kieran O'Shea Calendar plugin prior to 1.3.11 for WordPress has Stored XSS via the event_title parameter in a wp-admin/admin.php?page=calendar add action, or the category name during category creation at the wp-admin/admin.php?page=calendar-categories URI.
Kieranoshea Calendar
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »