Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
the address book the address book vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-19889
An invalid memory address dereference exists in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 6 case.
Audiocoding Freeware Advanced Audio Coder 1.29.9.2
4.3
CVSSv2
CVE-2018-19891
An invalid memory address dereference exists in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 10 case.
Audiocoding Freeware Advanced Audio Coder 1.29.9.2
4.3
CVSSv2
CVE-2005-4840
The Outlook Express Address Book control, when using Internet Explorer 6, allows remote malicious users to cause a denial of service (NULL dereference and browser crash) by creating the OutlookExpress.AddressBook COM object, which is not intended for use within Internet Explorer.
Microsoft Outlook Express Book Control
NA
CVE-2023-36633
An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 up to and including 7.2.2 and prior to 7.0.5 allows an authenticated malicious user to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests.
Fortinet Fortimail
4.3
CVSSv2
CVE-2012-3714
The Form Autofill feature in Apple Safari prior to 6.0.1 does not restrict the filled fields to the set of fields contained in an Autofill popover, which allows remote malicious users to obtain the Me card from an Address Book via a crafted web site.
Apple Safari 3.0.1
Apple Safari 4.0.3
Apple Safari 3.2.2b
Apple Safari 3.2.2
Apple Safari 4.0.1
Apple Safari 4.0
Apple Safari 2.0.2
Apple Safari 2.0.3
Apple Safari 1.2.4
Apple Safari 1.2.5
Apple Safari 1.0
Apple Safari 1.0.3
Apple Safari 5.0.5
Apple Safari 1.3.0
Apple Safari 1.2.0
Apple Safari 3.0.1b
Apple Safari 3.0.3b
Apple Safari 5.0.6
Apple Safari 3.1.0b
Apple Safari 5.1.5
Apple Safari 5.1.6
Apple Safari 5.1.7
9.3
CVSSv2
CVE-2008-1250
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the central phone server for the Snom 320 SIP Phone allow remote malicious users to perform actions as the phone user, as demonstrated by inserting an address-book entry containing an XSS sequence.
Snom 320 Sip Phone
4.3
CVSSv2
CVE-2005-1282
Multiple cross-site scripting (XSS) vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote malicious users to inject arbitrary web script or HTML via (1) the src parameter in an IMG tag, (2) User settings, or (3) Address book input boxes in the webmail interface.
Argosoft Argosoft Mail Server 1.8.7.6
6.5
CVSSv2
CVE-2014-3978
SQL injection vulnerability in TomatoCart 1.1.8.6.1 allows remote authenticated users to execute arbitrary SQL commands via the First Name and Last Name fields in a new address book contact.
Tomatocart Tomatocart 1.1.8.6.1
1 EDB exploit
2.6
CVSSv2
CVE-2010-1796
The AutoFill feature in Apple Safari prior to 5.0.1 on Mac OS X 10.5 up to and including 10.6 and Windows, and prior to 4.1.1 on Mac OS X 10.4, allows remote malicious users to obtain sensitive Address Book Card information via JavaScript code that forces keystroke events for inp...
Apple Safari 4.0.1
Apple Safari 4.0
Apple Safari
Apple Safari 4.0.5
Apple Webkit
Apple Safari 4.0.4
Apple Safari 4.0.3
Apple Safari 4.0.0b
Apple Safari 4.0.2
4.3
CVSSv2
CVE-2020-25890
The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in "Machine Address Book". Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the ...
Kyocera Ecosys M2640idw Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »