Lucene search
+L

198 matches found

cvelist
cvelist
added 3 days ago27 views

CVE-2026-56451

A vulnerability has been identified in Opcenter X All versions V2604. Affected applications do not properly validate the algorithm specified in the JSON Web Token JWT header. This could allow an unauthenticated remote attacker to forge arbitrary JWT, bypass authentication mechanisms and impersona...

10CVSS0.00384EPSS
Exploits0References1
osv
osv
added 2026/06/17 1:20 p.m.4 views

DEBIAN-CVE-2026-2604

A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or...

5.6CVSS5.5AI score0.00189EPSS
Exploits0References1
opensuse
opensuse
added 2026/06/03 12:0 a.m.7 views

Security update for evolution-data-server (moderate)

openSUSE security update: security update for evolution-data-server ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20864-1 Rating: moderate References: bsc1258307 Cross-References: CVE-2026-2604 CVSS scores: CVE-2026-2604 SUSE : 5.6...

6.8CVSS5.8AI score0.00189EPSS
Exploits0References1
osv
osv
added 2026/06/01 1:18 p.m.5 views

OPENSUSE-SU-2026:20864-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issues: - CVE-2026-2604: Canonicalize path before local cache file removal. bsc1258307...

5.6CVSS5.8AI score0.00189EPSS
Exploits0References2
osv
osv
added 2026/05/15 2:3 p.m.7 views

OESA-2026-2356 evolution-data-server security update

The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...

5.6CVSS5.9AI score0.00189EPSS
Exploits0References2
osv
osv
added 2026/05/15 2:3 p.m.9 views

OESA-2026-2355 evolution-data-server security update

The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...

5.6CVSS5.9AI score0.00189EPSS
Exploits0References2
amazon
amazon
added 2026/03/06 12:0 a.m.6 views

Medium: evolution-data-server

Issue Overview: The Evolution backend server exposes the D-Bus service org.gnome.evolution.dataserver.AddressBook, that can be used in order to manage contacts. A Flatpak application with access to this D-Bus service can exploit this issue in order to gain arbitrary file deletion on the host...

6AI score0.00189EPSS
Exploits0
nessus
nessus
added 2026/03/06 12:0 a.m.10 views

Amazon Linux 2 : evolution-data-server, --advisory ALAS2-2026-3179 (ALAS-2026-3179)

The version of evolution-data-server installed on the remote host is prior to 3.28.5-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3179 advisory. The Evolution backend server exposes the D-Bus service org.gnome.evolution.dataserver.AddressBook, that can be used ...

5.6CVSS5.9AI score0.00189EPSS
Exploits0References4
nessus
nessus
added 2026/03/06 12:0 a.m.3 views

Amazon Linux 2023 : evolution-data-server, evolution-data-server-devel, evolution-data-server-langpacks (ALAS2023-2026-1451)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1451 advisory. The Evolution backend server exposes the D-Bus service org.gnome.evolution.dataserver.AddressBook, that can be used in order to manage contacts. A Flatpak application with access to this D-Bus service...

5.6CVSS5.9AI score0.00189EPSS
Exploits0References4
amazon
amazon
added 2026/03/05 12:0 a.m.7 views

Medium: evolution-data-server

Issue Overview: The Evolution backend server exposes the D-Bus service org.gnome.evolution.dataserver.AddressBook, that can be used in order to manage contacts. A Flatpak application with access to this D-Bus service can exploit this issue in order to gain arbitrary file deletion on the host...

6AI score0.00189EPSS
Exploits0
nessus
nessus
added 2026/03/05 12:0 a.m.5 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : evolution-data-server (SUSE-SU-2026:0775-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0775-1 advisory. This update for evolution-data-server fixes the following issue: - CVE-2026-2604: arbitrary file deletion...

5.6CVSS6AI score0.00189EPSS
Exploits0References4
suse
suse
added 2026/03/03 1:20 p.m.5 views

Security update for evolution-data-server

This update for evolution-data-server fixes the following issue: CVE-2026-2604: arbitrary file deletion via inconsistent URI handling bsc1258307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

6.8CVSS6AI score0.00189EPSS
Exploits0References4
osv
osv
added 2026/03/03 1:20 p.m.4 views

SUSE-SU-2026:0776-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issue: - CVE-2026-2604: arbitrary file deletion via inconsistent URI handling bsc1258307...

5.6CVSS6AI score0.00189EPSS
Exploits0References3
suse
suse
added 2026/03/03 1:19 p.m.6 views

Security update for evolution-data-server

This update for evolution-data-server fixes the following issue: CVE-2026-2604: arbitrary file deletion via inconsistent URI handling bsc1258307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

6.8CVSS6AI score0.00189EPSS
Exploits0References4
osv
osv
added 2026/03/03 1:19 p.m.3 views

SUSE-SU-2026:0775-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issue: - CVE-2026-2604: arbitrary file deletion via inconsistent URI handling bsc1258307...

5.6CVSS6AI score0.00189EPSS
Exploits0References3
opensuse
opensuse
added 2026/02/27 12:0 a.m.5 views

evolution-data-server-3.58.3-2.1 on GA media (moderate)

evolution-data-server-3.58.3-2.1 on GA media Announcement ID: openSUSE-SU-2026:10262-1 Rating: moderate Cross-References: CVE-2026-2604 CVSS scores: CVE-2026-2604 SUSE : 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L CVE-2026-2604 SUSE : 6.8...

6.8CVSS6AI score0.00189EPSS
Exploits0
openvas
openvas
added 2026/02/24 12:0 a.m.6 views

Ubuntu: Security Advisory (USN-8055-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS5.4AI score0.00189EPSS
Exploits0References2
circl
circl
added 2026/02/23 4:40 p.m.6 views

CVE-2026-2604

creationtimestamp| type| source ---|---|--- 2026-02-23 16:40:13+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mfk3qbdke22b 2026-06-17 00:31:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moh2quqanb2t...

5.6CVSS4.9AI score0.00189EPSS
Exploits0References2
susecve
susecve
added 2026/02/18 12:26 a.m.2 views

SUSE CVE-2026-2604

A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or...

5.6CVSS5.5AI score0.00189EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2026/02/18 12:0 a.m.5 views

CVE-2026-2604

A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or...

5.6CVSS6.1AI score0.00189EPSS
Exploits0References3
Rows per page
Query Builder