Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ical vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-1021
The amr ical events lists WordPress plugin up to and including 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for ex...
Amr-ical-events-list Project Amr-ical-events-list
4.3
CVSSv2
CVE-2008-1035
Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to trigger memory corruption or possibly execute arbitrary code via an "ATTACH;VALUE=URI:S=osumi" line in a .ics file, which triggers a "r...
Apple Ical 3.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2004-1021
iCal prior to 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows malicious users to execute programs and send e-mail via alarms.
Apple Ical 1.5.3
4.3
CVSSv2
CVE-2008-2006
Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line,...
Apple Ical 3.0.1
2 EDB exploits
NA
CVE-2023-41853
Cross-Site Request Forgery (CSRF) vulnerability in WP iCal Availability plugin <= 1.0.3 versions.
Wpicalavailability Wp Ical Availability
10
CVSSv2
CVE-2000-1071
The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote malicious users to monitor X Windows events and gain privileges.
Netscape Iplanet Ical 2.1
7.2
CVSSv2
CVE-2000-1072
iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse.
Netscape Iplanet Ical 2.1
1 EDB exploit
7.2
CVSSv2
CVE-2000-1073
csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory.
Netscape Iplanet Ical 2.1
10
CVSSv2
CVE-2000-1074
csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory.
Netscape Iplanet Ical 2.1
1 EDB exploit
5
CVSSv2
CVE-2003-1263
ICAL.EXE in iCal 3.7 allows remote malicious users to cause a denial of service (crash) via a malformed HTTP request, possibly due to an invalid method name.
Brown Bear Software Ical 3.7
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »