
22 matches found

Snyk
added 2025/10/07 12:31 a.m. | 6 views

HTTP Response Splitting

Overview: Affected versions of this package are vulnerable to HTTP Response Splitting via the Content-Disposition header. An attacker can manipulate the file extension of downloaded vCard files by supplying crafted input, potentially leading to user confusion or further exploitation. Remediation...

CVSS 5.4 | AI score 7 | EPSS 0.00204
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2006-1360

Malware in sbrugna...

CVSS 5.1 | AI score 6.3 | EPSS 0.04383
Exploits: 1 | References: 6
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2010-4085

Malware in sbrugna...

CVSS 4.3 | AI score 6.3 | EPSS 0.01728
Exploits: 0 | References: 5
RedhatCVE
added 2025/05/23 6:40 a.m. | 7 views

CVE-2024-45513

An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A stored Cross-Site Scripting (XSS) vulnerability exists in the /modern/contacts/print endpoint of Zimbra webmail. This allows an attacker to inject and execute arbitrary JavaScript code in the context of the victim's browser when a...

CVSS 4.8 | AI score 4.8 | EPSS 0.00392
Exploits: 0 | References: 1
Vulnrichment
added 2024/11/21 12:0 a.m. | 12 views

CVE-2024-45513

An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A stored Cross-Site Scripting (XSS) vulnerability exists in the /modern/contacts/print endpoint of Zimbra webmail. This allows an attacker to inject and execute arbitrary JavaScript code in the context of the victim's browser when a...

AI score 5.6 | EPSS 0.00392
Exploits: 0 | References: 5
Cvelist
added 2024/11/21 12:0 a.m. | 12 views

CVE-2024-45513

An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A stored Cross-Site Scripting (XSS) vulnerability exists in the /modern/contacts/print endpoint of Zimbra webmail. This allows an attacker to inject and execute arbitrary JavaScript code in the context of the victim's browser when a...

EPSS 0.00392
Exploits: 0 | References: 5
SUSE CVE
added 2023/02/15 6:21 a.m. | 4 views

SUSE CVE-2003-0988

Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file...

CVSS 7.5 | AI score 7.9 | EPSS 0.06151
Exploits: 0 | References: 3
CVE
added 2020/09/14 7:7 p.m. | 50 views

CVE-2019-14757

CVE-2019-14757 affects KaiOS 2.5 and 2.5.1. The pre-installed Contacts app is vulnerable to HTML and JavaScript injection when a victim imports a crafted vCard file. The issue enables an attacker to inject HTML into the Contacts UI, potentially displaying malicious prompts and prompting users to ...

CVSS 6.1 | AI score 6.4 | EPSS 0.00835
Exploits: 0 | References: 2 | Affected Software: 1
CNVD
added 2015/06/17 12:0 a.m. | 1 views

Libmimedir Special File Arbitrary Code Execution Vulnerability

libmimedir is a library of graphical objects based on an implementation of RFC 2425 and RFC 2426. A security vulnerability exists in libmimedir. A remote attacker can construct a specially crafted VCF file with two null bytes added to the end of the file and trick the user into parsing it, which can...

CVSS 7.5 | AI score 7.5 | EPSS 0.10669
Exploits: 5 | References: 1
NVD
added 2010/12/08 6:0 p.m. | 15 views

CVE-2010-4109

Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file...

CVSS 4.3 | AI score 5.5 | EPSS 0.01728
Exploits: 0 | References: 3
Prion
added 2010/12/08 6:0 p.m. | 19 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file...

CVSS 4.3 | AI score 6 | EPSS 0.01728
Exploits: 0 | References: 3 | Affected Software: 1
Cvelist
added 2010/12/08 5:0 p.m. | 39 views

CVE-2010-4109

Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted vCard file...

AI score 5.5 | EPSS 0.01728
Exploits: 0 | References: 3
seebug.org
added 2010/10/26 12:0 a.m. | 16 views

Windows Mobile 6.1 and 6.5 Double Free Denial of Service

No description provided by source. Vendor: Microsoft. Product: Windows Mobile 6.1 and 6.5. Vulnerability: Double Free Denial of Service. Tested vulnerable versions: Windows Mobile 6.1 and 6.5. Tested on: HTC Touch WM 6.1, HTC Touch2 WM 6.5. CREDITS: Celil Ünüver from SecurityArchitect.Org. CONTACT:...

AI score 7.1
Exploits: 0
0day.today
added 2010/10/22 12:0 a.m. | 28 views

Windows Mobile 6.1 and 6.5 Double Free Denial of Service

Exploit for windows platform in category dos / poc. Windows Mobile 6.1 and 6.5 Double Free Denial of Service. Product: Windows Mobile 6.1 and 6.5. Vulnerability: Double Free Denial of...

AI score 7
Exploits: 0
securityvulns
added 2006/03/27 12:0 a.m. | 36 views

[SA19295] LibVC "count_vcards()" Buffer Overflow Vulnerability

TITLE: LibVC "count_vcards()" Buffer Overflow Vulnerability. SECUNIA ADVISORY ID: SA19295. VERIFY ADVISORY: http://secunia.com/advisories/19295/. CRITICAL: Moderately critical. IMPACT: System access. WHERE: From remote. SOFTWARE: LibVC http://secunia.com/product/8950/. DESCRIPTION: trew has discovered a...

AI score 1.3
Exploits: 0
UbuntuCve
added 2006/03/22 2:2 a.m. | 24 views

CVE-2006-1356

Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line...

CVSS 5.1 | AI score 6.5 | EPSS 0.04383
Exploits: 1 | References: 1
Prion
added 2006/03/22 2:2 a.m. | 14 views

Stack overflow

Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line...

CVSS 5.1 | AI score 8.5 | EPSS 0.04383
Exploits: 1 | References: 5 | Affected Software: 2
OSV
added 2006/03/22 2:2 a.m. | 6 views

CVE-2006-1356

Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line...

AI score 7.8
Exploits: 0 | References: 5
NVD
added 2006/03/22 2:2 a.m. | 16 views

CVE-2006-1356

Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line...

CVSS 5.1 | AI score 7.8 | EPSS 0.04383
Exploits: 1 | References: 5
Cvelist
added 2006/03/22 2:0 a.m. | 17 views

CVE-2006-1356

Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line...

AI score 7.8 | EPSS 0.04383
Exploits: 1 | References: 5