Lucene search
K

21 matches found

EUVD
EUVD
added 2026/05/13 9:32 p.m.25 views

EUVD-2026-30134

A cross-site scripting XSS vulnerability exists in Alinto SOGo, version 5.12.7. A maliciously crafted ICS calendar invitation files allows arbitrary JavaScript execution within the authenticated SOGo webmail session. The issue occurs because SVG content embedded in the description field of an ICS...

6.1CVSS6AI score0.00283EPSS
Exploits0References4
NVD
NVD
added 2025/10/24 6:15 a.m.5 views

CVE-2025-9158

The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...

5.3CVSS0.00404EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/24 6:0 a.m.9 views

CVE-2025-9158 Stored XSS in Request Tracker

The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...

5.3CVSS0.00404EPSS
Exploits0References2
CVE
CVE
added 2025/10/24 6:0 a.m.11 views

CVE-2025-9158

CVE-2025-9158 affects Request Tracker: Stored XSS in the calendar invitation parsing feature that does not sanitize HTML, enabling JavaScript execution when a crafted invitation is displayed to a logged-in user. Affected versions: 5.0.4–5.0.8 and 6.0.0–6.0.1. Documented across multiple feeds (NVD...

5.3CVSS6.2AI score0.00404EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-25147

Malware in sbrugna...

6.5CVSS6.4AI score0.01246EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-31687

Malicious code in bioql PyPI...

5.5CVSS6.4AI score0.00238EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 3:36 p.m.6 views

CVE-2020-3882

This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. Importing a maliciously crafted calendar invitation may exfiltrate user information...

6.5CVSS6AI score0.01246EPSS
Exploits0
OSV
OSV
added 2023/05/08 8:15 p.m.3 views

CVE-2023-27961

Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, watchOS 9.4, macOS Big Sur 11.7.5. Importing a maliciously crafted calendar invitation may exfiltra...

5.5CVSS6.7AI score0.00238EPSS
Exploits0References6
Prion
Prion
added 2023/05/08 8:15 p.m.18 views

Input validation

Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, watchOS 9.4, macOS Big Sur 11.7.5. Importing a maliciously crafted calendar invitation may exfiltra...

1.9CVSS6AI score0.00238EPSS
Exploits0References6Affected Software4
Cvelist
Cvelist
added 2023/05/08 12:0 a.m.23 views

CVE-2023-27961

Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, watchOS 9.4, macOS Big Sur 11.7.5. Importing a maliciously crafted calendar invitation may exfiltra...

6.6AI score0.00238EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/03/27 12:0 a.m.3 views

PT-2023-21454 · Apple · Macos Monterey +6

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.3 iOS versions prior to 16.4 iPadOS versions prior to 16.4 iOS versions prior to 15.7.4 iPadOS versions prior to 15.7.4 macOS Monterey versions prior to 12.6.4 watchOS versions prior to 9.4 macOS Big Sur versions...

5.5CVSS7.1AI score0.00238EPSS
Exploits0References13
Apple
Apple
added 2023/03/27 12:0 a.m.44 views

About the security content of watchOS 9.4

About the security content of watchOS 9.4 This document describes the security content of watchOS 9.4. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

7.8CVSS8.8AI score0.00926EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2020/06/09 4:15 p.m.0 views

CVE-2020-3882

This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. Importing a maliciously crafted calendar invitation may exfiltrate user information...

6.5CVSS6.6AI score
Exploits0References1
NVD
NVD
added 2020/06/09 4:15 p.m.17 views

CVE-2020-3882

This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. Importing a maliciously crafted calendar invitation may exfiltrate user information...

6.5CVSS6.1AI score0.01246EPSS
Exploits0References1
Prion
Prion
added 2020/06/09 4:15 p.m.12 views

Information disclosure

This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. Importing a maliciously crafted calendar invitation may exfiltrate user information...

4.3CVSS6AI score0.01246EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/06/09 3:59 p.m.21 views

CVE-2020-3882

This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. Importing a maliciously crafted calendar invitation may exfiltrate user information...

6.2AI score0.01246EPSS
Exploits0References1
seebug.org
seebug.org
added 2011/07/20 12:0 a.m.18 views

Lotus Domino SMTP router, EMAIL server and client DoS

No description provided by source. Exploit Title: Lotus Domino SMTP router, EMAIL server and client DoS - all 3 may crash Date: July 16, 2011 Author: None - looks like a malformed Kerio generated calendar invitation was the reason this was discovered...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/07/19 12:0 a.m.19 views

Lotus Domino Denial Of Service

Exploit Title: Lotus Domino SMTP router, EMAIL server and client DoS - all 3 may crash Date: July 16, 2011 Author: None - looks like a malformed Kerio generated calendar invitation was the reason this was discovered -http://forums.kerio.com/index.php?t=msg&th=19863&start=0 Software Link: none -...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/07/19 12:0 a.m.26 views

Lotus Domino SMTP Router & Email Server and Client - Denial of Service

Exploit Title: Lotus Domino SMTP router, EMAIL server and client DoS - all 3 may crash Date: July 16, 2011 Author: None - looks like a malformed Kerio generated calendar invitation was the reason this was discovered -http://forums.kerio.com/index.php?t=msg&th=19863&start=0 Software Link: none -...

7.4AI score
Exploits0
Prion
Prion
added 2010/09/16 9:0 p.m.27 views

Stack overflow

Stack-based buffer overflow in the MailCheck821Address function in nnotes.dll in the nrouter.exe service in the server in IBM Lotus Domino 8.0.x before 8.0.2 FP5 and 8.5.x before 8.5.1 FP2 allows remote attackers to execute arbitrary code via a long e-mail address in an ORGANIZER:mailto header in...

9.3CVSS8.4AI score0.41475EPSS
Exploits9References14Affected Software1
Rows per page
Query Builder