2068 matches found
CVE-2018-15587
CVE-2018-15587 affects GNOME Evolution and its Evolution Data Server components. The issue allows OpenPGP signatures to be spoofed for arbitrary messages when a specially crafted email contains a valid signature from the impersonated entity. Publicly available references indicate the vulnerabilit...
CVE-2018-15587
GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment...
CVE-2018-15587
GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment...
UBUNTU-CVE-2018-15587
GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment...
Sly criminals package ransomware with malicious ransom note
Ransomware continues to show signs of evolution. From a simple screen locker to a highly-sophisticated data locker, ransomware has now become a mainstream name, even if historically, it has been around far longer than we want to look back. Although the criminals behind ransomware campaigns are...
Redaman Spams Russian Banking Customers with Rotating Tactics
The Redaman banking trojan ramped up its activity in the last part of 2018, employing ongoing back-end changes in order to evade detection, according to a new Wednesday report. Redaman as a malware first came on the scene in 2015, and since then has consistently targeted victims that use Russian...
Microsoft’s Cyber Defense Operations Center shares best practices
Today, a single breach, physical or virtual, can cause millions of dollars of damage to an organization and potentially billions in financial losses to the global economy. Each week seems to bring a new disclosure of a cybersecurity breach somewhere in the world. As we look at the current state o...
Announcing the Microsoft Azure DevOps Bounty program
The Microsoft Security Response Center MSRC is pleased to announce the launch of the Azure DevOps Bounty program, a program dedicated to providing rock-solid security for our DevOps customers. Starting January 17, 2019, we’re excited to offer rewards up to US$20,000 for eligible vulnerabilities i...
Wrong GPG Key Selection
Evolution is vulnerable to wrong GPG key selection. Due to a flaw in the way of GnuPG public keys selection, the package causes the emails being encrypted with public keys other than the one belonging to the intended recipient...
Arbitrary File Read
evolution is vulnerable to arbitrary file read attacks. The vulnerability exists as GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email...
Fedora 28 : evolution / evolution-data-server / evolution-ews (2018-1434efb8f3)
Update to 3.28.4 upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Zurmo 2.3.4 Cross Site Scripting
Code Evolution PHP Vulnerability in Zurmo 2.3.4 Information -------------------- Advisory by Netsparker Name: Code Evolution PHP in Zurmo 2.3.4 Affected Software: Zurmo Affected Versions: 2.3.4 Homepage: http://zurmo.org/ Vulnerability: Code evolution PHP Severity: Critical Status: Not Fixed CVSS...
Evolution CMS Cross-Site Scripting Vulnerability
Evolution CMS is a content management system CMS. A cross-site scripting vulnerability exists in Evolution CMS version 1.4.x, which can be exploited by remote attackers to inject arbitrary web script or HTML by sending the 'search' parameter to the manager/ URI...
Evolution CMS Cross-Site Scripting Vulnerability (CNVD-2019-03273)
Evolution CMS is a content management system CMS. A cross-site scripting vulnerability exists in Evolution CMS version 1.4.x, which can be exploited by remote attackers to inject arbitrary web script or HTML by sending the 'page weblink title' parameter to the manager/ URI...
Cross site scripting
Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI...
Design/Logic Flaw
Evolution CMS 1.4.x allows XSS via the manager/ search parameter...
CVE-2018-16637
Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI...
CVE-2018-16638
Evolution CMS 1.4.x allows XSS via the manager/ search parameter...
CVE-2018-16638
Evolution CMS 1.4.x allows XSS via the manager/ search parameter...
CVE-2018-16637
Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI...