Lucene search
K

724 matches found

OSV
OSV
added 2020/08/02 12:0 a.m.22 views

DLA-2309-1 evolution-data-server - security update

Bulletin has no description...

5.9CVSS5.8AI score0.0221EPSS
Exploits1
Fedora
Fedora
added 2020/08/01 1:18 a.m.27 views

[SECURITY] Fedora 31 Update: evolution-data-server-3.34.4-2.fc31

The evolution-data-server package provides a unified backend for programs t hat work with contacts, tasks, and calendar information. It was originally developed for Evolution hence the name, but is now used by other packages...

5.9CVSS1.9AI score0.02808EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2020/07/30 2:13 p.m.32 views

CVE-2020-16117

A NULL pointer dereference flaw was found in the GNOME evolution-data-server when a mail client parses invalid messages from a malicious server. This flaw allows an attacker who controls a mail server the ability to crash the mail clients. The highest threat from this vulnerability is to system...

4.3CVSS3.5AI score0.0221EPSS
Exploits1References3
NVD
NVD
added 2020/07/29 6:15 p.m.25 views

CVE-2020-16117

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...

5.9CVSS5.5AI score0.0221EPSS
Exploits1References4
OSV
OSV
added 2020/07/29 6:15 p.m.24 views

CVE-2020-16117

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...

5.9CVSS6.6AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2020/07/29 6:15 p.m.27 views

CVE-2020-16117

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...

5.9CVSS6.8AI score0.0221EPSS
Exploits1References4
CVE
CVE
added 2020/07/29 5:59 p.m.208 views

CVE-2020-16117

CVE-2020-16117 affects GNOME evolution-data-server, prior to 3.35.91. A malicious server can crash the mail client by sending an invalid CAPABILITY line during a connection, causing a NULL pointer dereference in the imapx_free_capability/imapx_connect_to_server path. The issue is a client-side cr...

5.9CVSS5.4AI score0.0221EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2020/07/29 5:59 p.m.25 views

CVE-2020-16117

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...

5.5AI score0.0221EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2020/07/29 5:59 p.m.30 views

CVE-2020-16117

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...

5.9CVSS6AI score0.0221EPSS
Exploits1
OpenVAS
OpenVAS
added 2020/07/23 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-4429-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.2AI score0.02808EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/07/23 12:0 a.m.29 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Evolution Data Server vulnerability (USN-4429-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4429-1 advisory. It was discovered that Evolution Data Server incorrectly handled STARTTLS when using SMTP and POP3. A remote attacker could possibly use...

5.9CVSS7AI score0.02808EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2020/07/22 12:3 p.m.71 views

USN-4429-1: Evolution Data Server vulnerability

It was discovered that Evolution Data Server incorrectly handled STARTTLS when using SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack...

5.9CVSS7AI score0.02808EPSS
Exploits1
OSV
OSV
added 2020/07/22 12:3 p.m.4 views

USN-4429-1 evolution-data-server vulnerability

It was discovered that Evolution Data Server incorrectly handled STARTTLS when using SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack...

5.9CVSS6.9AI score0.02808EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.29 views

Debian DSA-4725-1 : evolution-data-server - security update

Damian Poddebniak and Fabian Ising discovered a response injection vulnerability in Evolution data server, which could enable MITM attacks. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4725. The text itsel...

5.9CVSS6.8AI score0.02808EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/18 11:29 p.m.16 views

Security Bulletin: Vulnerabilities affect IBM InfoSphere BigInsights Web console (CVE-2016-2924, CVE-2016-2992 )

Summary Cross-site scripting vulnerabilities in Data Server Manager affect IBM InfoSphere BigInsights Web console and user-supplied input Vulnerability Details CVEID: CVE-2016-2924 DESCRIPTION: IBM Infosphere BigInsights is vulnerable to cross-site scripting, caused by improper validation of...

5.4CVSS0.8AI score0.00705EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/18 11:17 p.m.28 views

Security Bulletin: BigInsights is affected by multiple vulnerabilities in BigSheets and Data Server Manager (CVE-2017-1552, CVE-2017-1553, CVE-2017-1554)

Summary BigInsights is affected by multiple UI vulnerabilities in BigSheets and Data Server Manager DSM Vulnerability Details CVEID: CVE-2017-1552 DESCRIPTION: IBM Infosphere BigInsights is vulnerable to link injection. By persuading a victim to click on a specially-crafted URL link, a remote...

5.4CVSS1AI score0.00869EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2020/07/18 12:0 a.m.30 views

Debian: Security Advisory (DSA-4725-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.2AI score0.02808EPSS
Exploits1References4
NVD
NVD
added 2020/07/17 4:15 p.m.22 views

CVE-2020-14928

evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."...

5.9CVSS0.02808EPSS
Exploits1References10
OSV
OSV
added 2020/07/17 4:15 p.m.9 views

CVE-2020-14928

evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."...

5.9CVSS5.5AI score
Exploits0References10
OSV
OSV
added 2020/07/17 4:15 p.m.1 views

DEBIAN-CVE-2020-14928

evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."...

5.9CVSS6.8AI score0.02808EPSS
Exploits1References1
Rows per page
Query Builder