MiracleLinux 7 : atk-2.28.1-2.el7evolution-data-server-3.28.5-4.el7evolution-ews-3.28.5-5.el7evolution-3.28.5-8.el7 (AXSA:2020-4566:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4566:01 advisory. evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages CVE-2018-15587 evolution-ews: all certificate...

CVE-2018-1000889

Logisim Evolution version 2.14.3 and earlier contains an XML External Entity XXE vulnerability in Circuit file loading functionality loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java that can result in information leak, possible RCE depending on system configuration. This attack appears t...

EUVD-2010-3908

Malware in sbrugna...

EUVD-2007-1263

Malware in sbrugna...

EUVD-2011-3165

Malware in sbrugna...

EUVD-2003-0129

Malware in sbrugna...

EUVD-2013-7144

Malware in sbrugna...

EUVD-2023-2634

Malicious code in bioql PyPI...

CVE-2021-31223

SES Evolution before 2.1.0 allows reading some parts of a security policy by leveraging access to a computer having the administration console installed...

Medium: evolution

Issue Overview: An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to th...

CVE-2023-43340

Cross-site scripting XSS vulnerability in evolution v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters...

Stormshield Endpoint Security 安全漏洞

Stormshield Endpoint Security is a product line for enhancing workstation and server security from the French company Stormshield. A security vulnerability exists in Stormshield Endpoint Security Evolution versions 2.0.0 through 2.3.2, which can be exploited to create arbitrary files with local...

SUSE CVE-2006-0040

GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service CPU and memory consumption via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml...

SUSE CVE-2008-0072

Format string vulnerability in the emfmultipartencrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field...

PT-2020-12913 · Gnome +2 · Gnome Evolution +2

Name of the Vulnerable Software and Affected Versions: GNOME Evolution versions prior to 3.35.91 Description: An issue was discovered where a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the...

Mandriva Update for evolution MDKA-2007:061 (evolution)

Check for the Version of evolution OpenVAS Vulnerability Test Mandriva Update for evolution MDKA-2007:061 evolution Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Ubuntu Update for evolution vulnerability USN-583-1

Ubuntu Update for Linux kernel vulnerabilities USN-583-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5831.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for evolution vulnerability USN-583-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu Update for evolution vulnerability USN-442-1

Ubuntu Update for Linux kernel vulnerabilities USN-442-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4421.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for evolution vulnerability USN-442-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

CVE-2007-1266

Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...

CVE-2006-2789

Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service persistent crash via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used...