Vulnerabilities > Radicale

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-30	CVE-2017-8342	Race Condition vulnerability in Radicale Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method. network high complexity radicale CWE-362	8.1
2016-02-03	CVE-2016-1505	Pathname Traversal and Equivalence Errors vulnerability in Radicale 1.0/1.0.1 The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore. network low complexity radicale CWE-21 critical	10.0
2016-02-03	CVE-2015-8748	Permissions, Privileges, and Access Controls vulnerability in Radicale 1.0/1.0.1 Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by ".*". network low complexity radicale CWE-264	5.3
2016-02-03	CVE-2015-8747	Improper Input Validation vulnerability in Radicale 1.0/1.0.1 The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name. network low complexity radicale CWE-20 critical	10.0

Vulnerabilities > Radicale {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Radicale"}]}