272 matches found
CVE-2021-33510
Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file...
UBUNTU-CVE-2021-28994
kopano-ical formerly zarafa-ical in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10.x through 10.0.7, and 11.x through 11.0.1 and Zarafa 6.30.x through 7.2.x allows memory exhaustion via long HTTP headers...
CVE-2021-28994
kopano-ical formerly zarafa-ical in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10.x through 10.0.7, and 11.x through 11.0.1 and Zarafa 6.30.x through 7.2.x allows memory exhaustion via long HTTP headers...
CVE-2021-28994
CVE-2021-28994 affects Kopano Groupware Core via kopano-ical (formerly zarafa-ical). The vulnerability causes memory exhaustion by processing long HTTP headers. Affected versions include Kopano Groupware Core up to 8.7.16, 9.x up to 9.1.0, 10.x up to 10.0.7, and 11.x up to 11.0.1, and Zarafa 6.30...
CVE-2019-11705
A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecuraddbydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1. Mitigation Thunderbird can be configured to use icaljs inste...
CVE-2019-11703
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parsergetnextchar when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1. Mitigation Thunderbird can be configured to use icaljs instead of...
CVE-2019-11704
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemorystrdupanddequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird 60.7.1. Mitigation Thunderbird can be configured to use icaljs...
CVE-2019-11706
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezonegetvtimezoneproperties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird 60.7.1. Mitigation Thunderbird can be configured to use icaljs instead of libical by...
SOPlanning SQL Injection Vulnerability (CNVD-2020-10631)
SOPlanning is an online planning tool for efficiently organizing projects and tasks. SOPlanning 1.45 suffers from a SQL injection vulnerability. An attacker can exploit this vulnerability to execute commands via the users parameter of exportical.php...
CVE-2019-19907
HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data...
CVE-2019-19907
HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data...
UBUNTU-CVE-2019-19907
HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data...
CVE-2019-19907
HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data...
Design/Logic Flaw
HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data...
PT-2019-15999 · Kopano +2 · Kopano Groupware Core +2
Name of the Vulnerable Software and Affected Versions: Kopano Groupware Core versions prior to 8.7.7 Description: The issue is related to out-of-bounds access in the HrAddFBBlock function, specifically during the parsing of ICal data. This occurs due to the mishandling of an array copy in the...
CVE-2019-19907
HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core before 8.7.7 allows out-of-bounds access, as demonstrated by mishandling of an array copy during parsing of ICal data...
CVE-2019-19907
CVE-2019-19907 affects Kopano Groupware Core (Kopano Core) before 8.7.7. The vulnerability arises in HrAddFBBlock implemented in libfreebusy/freebusyutil.cpp, where an array copy during ICal data parsing can cause out-of-bounds access. Descriptions from NVD document a CVSS v3.1 base score of 9.8 ...
CVE-2019-19907
Removed by vendor...
The vulnerability of the icalmemory_strdup_and_dequote function in the iCal calendar software for Thunderbird email processing, related to the execution of operations outside the buffer in memory. This vulnerability allows an attacker to compromise data integrity, gain unauthorized access to protected information, and cause service failures.
The vulnerability of the icalmemorystrdupanddequote function in the iCal calendar software for Thunderbird email processing is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and cau...
NewStart CGSL MAIN 4.06 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0178)
The remote NewStart CGSL host, running version MAIN 4.06, has thunderbird packages installed that are affected by multiple vulnerabilities: - Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a...