723 matches found
CVE-2020-14928
CVE-2020-14928 affects evolution-data-server (EDS) up to version 3.36.3. The issue is a STARTTLS buffering flaw in SMTP/POP3: when a server sends a begin TLS response, EDS reads extra data and evaluates it in a TLS context, enabling potential response injection with impact on integrity as per the...
CVE-2020-14928
evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."...
CVE-2020-14928
evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."...
Debian: Security Advisory (DLA-2281-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2281-1 : evolution-data-server security update
Damian Poddebniak and Fabian Ising discovered a response injection vulnerability in Evolution data server, which could enable MITM attacks. For Debian 9 stretch, this problem has been fixed in version 3.22.7-1+deb9u1. We recommend that you upgrade your evolution-data-server packages. For the...
DLA-2281-1 evolution-data-server - security update
Bulletin has no description...
[SECURITY] [DSA 4725-1] evolution-data-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4725-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 15, 2020 https://www.debian.org/security/faq -...
DSA-4725-1 evolution-data-server - security update
Bulletin has no description...
CVE-2020-14928
evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."...
UBUNTU-CVE-2020-14928
evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."...
evolution security and bug fix update
evolution 3.28.5-12 - Add patch for RH bug 1778799 New Mail account wizard ignores email address change 3.28.5-11 - Update patch for RH bug 1764563 CVE-2018-15587: Reposition signature bar 3.28.5-10 - Add patch for RH bug 1764563 CVE-2018-15587: Reposition signature bar - Add patch for RH bug...
Arbitrary Code Execution
evolution is vulnerablet o arbitrary code execution. Multiple integer overflow flaws which could cause heap-based buffer overflows were found in the Base64 encoding routines used by Evolution Data Server. This could cause an application using Evolution Data Server to crash, or, possibly, execute ...
Denial Of Service (DoS)
evolution is vulnerable to denial of service. It was discovered that Evolution Data Server did not properly validate NTLM NT LAN Manager authentication challenge packets. A malicious server using NTLM authentication could cause an application using Evolution Data Server to disclose portions of it...
CentOS 7 : evolution (RHSA-2020:1080)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1080 advisory. - GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a...
evolution security and bug fix update
atk 2.28.1-2 - Remove patch to fix invalid unref at atkgobjectaccessibleobjectgonecb - Resolves: 1753123 evolution 3.28.5-8 - Update patch for RH bug 1686408 CVE-2018-15587: Reposition signature bar 3.28.5-7 - Add patch for RH bug 1686408 CVE-2018-15587: Reposition signature bar 3.28.5-6 - Add...
CVE-2020-9044
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server ADS, ADS-Lite versions 10.1 and prior; Metasys Extended Application and...
Cisco Unified Contact Center Enterprise Denial of Service Vulnerability
Cisco Unified Contact Center Enterprise utilizes an IP infrastructure to provide skills-based contact routing, voice self-service, computer telephony integration CTI, and multichannel contact management. A denial of service vulnerability exists in the Live Data server in Cisco Unified Contact...
CVE-2020-3163
A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability exists because the affected software improperly manages resources when processing...
CVE-2020-3163
A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability exists because the affected software improperly manages resources when processing...
CVE-2020-3163 Cisco Unified Contact Center Enterprise Denial of Service Vulnerability
A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability exists because the affected software improperly manages resources when processing...