Filtered by vendor Radicale
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-8342 | 1 Radicale | 1 Radicale | 2024-02-04 | 4.3 MEDIUM | 8.1 HIGH |
| Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method. | |||||
| CVE-2015-8748 | 1 Radicale | 1 Radicale | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by ".*". | |||||
| CVE-2015-8747 | 1 Radicale | 1 Radicale | 2024-02-04 | 7.5 HIGH | 10.0 CRITICAL |
| The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name. | |||||
| CVE-2016-1505 | 2 Microsoft, Radicale | 2 Windows, Radicale | 2024-02-04 | 7.5 HIGH | 10.0 CRITICAL |
| The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore. | |||||