EUVD-2023-39916

Malicious code in bioql PyPI...

SUSE CVE-2023-35927

NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until...

ROS-20241112-11

A vulnerability in the index.php component of Enterprise Server, a cloud-based software package for creating and using Nextcloud Server data storage is related to an access control flaw. Exploitation of the vulnerability could allow an attacker acting remotely to modify or delete VCards in the...

CVE-2023-35927

NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until...

Code injection

NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until...

CVE-2023-35927 Nextcloud system addressbooks can be modified by malicious trusted server

NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until...

CVE-2023-35927 Nextcloud system addressbooks can be modified by malicious trusted server

NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10.12, 23.0.0 until...

CVE-2023-35927

The CVE-2023-35927 issue affects Nextcloud Server and Enterprise Server where two trusted servers exchange share secrets and an attacker could modify or delete VCards in the origin server’s system address book, impacting user search and avatar menus. The initial description lists affected lines f...

PT-2023-8431 · Nextcloud +2 · Nextcloud Enterprise Server +3

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.7 Nextcloud Server versions 26.0.0 through 26.0.2 Nextcloud Enterprise Server versions 21.0.0 through 21.0.9.12 Nextcloud Enterprise Server versions 22.0.0 through 22.2.10.12 Nextcloud Enterprise...

System addressbooks can be modified by malicious trusted server

None...

PHP-AddressBook v6.2.4 (group.php) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title : PHP-AddressBook v6.2.4 SQL INJECTION VULNERABILITIES Script : PHP-AddressBook v6.2.4 Language : PHP DESCRIPTION:Simple, web-based address & phone book, contact manager, organizer. Groups, addresses, e-Mails, phone numbers &...

PHP-AddressBook 6.2.4 SQL Injection

Exploit Title : PHP-AddressBook v6.2.4 SQL INJECTION VULNERABILITIES Script : PHP-AddressBook v6.2.4 Language : PHP DESCRIPTION:Simple, web-based address & phone book, contact manager, organizer. Groups, addresses, e-Mails, phone numbers & birthdays. vCards, LDIF, Excel, iPhone, Gmail & Google-Ma...

HTC Touch vCard over IP Denial of Service Exploit

No description provided by source. ! /usr/bin/env python Copyright c 2009 Mobile Security Lab www.mseclab.com Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files the "Software", to deal in the Software without restrictio...

Skype < 1.4.0.84 Multiple Vulnerabilities (uncredentialed check)

The remote host is running Skype, a peer-to-peer voice over IP software. The remote version of this software is vulnerable to a heap overflow in the handling of its data structures. An attacker can exploit this flaw by sending a specially crafted network packet to UDP or TCP ports Skype is...

GLSA-200508-12 : Evolution: Format string vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200508-12 Evolution: Format string vulnerabilities Ulf Harnhammar discovered that Evolution is vulnerable to format string bugs when viewing attached vCards and when displaying contact information from remote LDAP servers or task...

Evolution: Format string vulnerabilities

Background Evolution is a GNOME groupware application. Description Ulf Harnhammar discovered that Evolution is vulnerable to format string bugs when viewing attached vCards and when displaying contact information from remote LDAP servers or task list data from remote servers CAN-2005-2549. He als...

Multiple Mozilla bugs

Buffer overflows in e-mail VCards, bitmpa decoders, UTF-8 conversion, POP3 protocol handling, send page feature; crossite scripting via link dragging...