Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
evolution vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2018-1000889
Logisim Evolution version 2.14.3 and previous versions contains an XML External Entity (XXE) vulnerability in Circuit file loading functionality (loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java) that can result in information leak, possible RCE depending on system confi...
Logisim-evolution Project Logisim-evolution
755
VMScore
CVE-2007-6188
Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) languages_n.php, (2) languages_f.php, or (3) languages.php in inc/; and (4) allow...
Tumusika Evolution Tumusika Evolution 1.7r5
1 EDB exploit
785
VMScore
CVE-2007-6221
TuMusika Evolution 1.7R5 allows remote malicious users to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Tumusika Evolution Tumusika Evolution 1.7r5
1 EDB exploit
481
VMScore
CVE-2014-5590
The Snake Evolution (aka com.btwgames.snake) application 1.3.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Snake Evolution Project Snake Evolution 1.3.1
445
VMScore
CVE-2002-1765
Evolution 1.0.3 and 1.0.4 allows remote malicious users to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header.
Ximian Evolution 1.0.3
Ximian Evolution 1.0.4
516
VMScore
CVE-2009-0582
The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and previous versions, and 2.25.92 and previous versions 2.25.x versions, does not validate whether a certain leng...
Gnome Evolution-data-server
Gnome Evolution-data-server 2.25.92
383
VMScore
CVE-2020-11879
An issue exists in GNOME Evolution prior to 3.35.91. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make Evolution attach local files or directories to a composed email message without showing a warn...
Gnome Evolution
2 Articles
505
VMScore
CVE-2007-1266
Evolution 2.8.1 and previous versions does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote malicious users t...
Gnome Evolution
1 EDB exploit
668
VMScore
CVE-2018-12422
addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution up to and including 3.29.2 might allow malicious users to trigger a Buffer Overflow via a long query that is processed by the strcat function. NOTE: the software maintainer disputes this b...
Gnome Evolution
187
VMScore
CVE-2021-3349
GNOME Evolution up to and including 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the GnuPG API. NOTE: third parties dispute the significance of this issue, a...
Gnome Evolution
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »