Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ical vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2023-1021
The amr ical events lists WordPress plugin up to and including 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for ex...
Amr-ical-events-list Project Amr-ical-events-list
NA
CVE-2008-2006
Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line,...
Apple Ical 3.0.1
2 EDB exploits
NA
CVE-2004-1021
iCal prior to 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows malicious users to execute programs and send e-mail via alarms.
Apple Ical 1.5.3
NA
CVE-2008-1035
Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to trigger memory corruption or possibly execute arbitrary code via an "ATTACH;VALUE=URI:S=osumi" line in a .ics file, which triggers a "r...
Apple Ical 3.0.1
1 EDB exploit
8.8
CVSSv3
CVE-2023-41853
Cross-Site Request Forgery (CSRF) vulnerability in WP iCal Availability plugin <= 1.0.3 versions.
Wpicalavailability Wp Ical Availability
NA
CVE-2000-1073
csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory.
Netscape Iplanet Ical 2.1
NA
CVE-2000-1071
The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote malicious users to monitor X Windows events and gain privileges.
Netscape Iplanet Ical 2.1
NA
CVE-2000-1072
iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse.
Netscape Iplanet Ical 2.1
1 EDB exploit
NA
CVE-2000-1074
csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory.
Netscape Iplanet Ical 2.1
1 EDB exploit
NA
CVE-2003-1263
ICAL.EXE in iCal 3.7 allows remote malicious users to cause a denial of service (crash) via a malformed HTTP request, possibly due to an invalid method name.
Brown Bear Software Ical 3.7
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »