Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evolution vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-1000889
Logisim Evolution version 2.14.3 and previous versions contains an XML External Entity (XXE) vulnerability in Circuit file loading functionality (loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java) that can result in information leak, possible RCE depending on system confi...
Logisim-evolution Project Logisim-evolution
NA
CVE-2006-5090
Multiple cross-site scripting (XSS) vulnerabilities in Phoenix Evolution CMS (PECMS) allow remote malicious users to inject arbitrary web script or HTML via the (1) mod or (2) action parameters in index.php, or the (3) pageid parameter in modules/pageedit/index.php. NOTE: the pro...
Phoenix Evolution Phoenix Evolution Cms
2 EDB exploits
NA
CVE-2007-2090
Cross-site scripting (XSS) vulnerability in index.php in TuMusika Evolution 1.6 allows remote malicious users to inject arbitrary web script or HTML via the msg parameter.
Tumusika Evolution Tumusika Evolution 1.6
1 EDB exploit
NA
CVE-2014-5590
The Snake Evolution (aka com.btwgames.snake) application 1.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Snake Evolution Project Snake Evolution 1.3.1
NA
CVE-2002-1765
Evolution 1.0.3 and 1.0.4 allows remote malicious users to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header.
Ximian Evolution 1.0.3
Ximian Evolution 1.0.4
NA
CVE-2009-0582
The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and previous versions, and 2.25.92 and previous versions 2.25.x versions, does not validate whether a certain leng...
Gnome Evolution-data-server
Gnome Evolution-data-server 2.25.92
NA
CVE-2014-1223
Cross-site scripting (XSS) vulnerability in controlpanel/loading.aspx in Telligent Evolution prior to 6.1.19.36103, 7.x prior to 7.1.12.36162, 7.5.x, and 7.6.x prior to 7.6.7.36651 allows remote malicious users to inject arbitrary web script or HTML via the msg parameter. NOTE: s...
Telligent Evolution
NA
CVE-2008-0072
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and previous versions allows remote malicious users to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.
Gnome Evolution
6.5
CVSSv3
CVE-2020-11879
An issue exists in GNOME Evolution prior to 3.35.91. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make Evolution attach local files or directories to a composed email message without showing a warn...
Gnome Evolution
2 Articles
3.3
CVSSv3
CVE-2021-3349
GNOME Evolution up to and including 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API. NOTE: third parties dispute the significance of this issue, a...
Gnome Evolution
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »