Linux Distros Unpatched Vulnerability : CVE-2018-15587
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signatu...
Linux Distros Unpatched Vulnerability : CVE-2020-16117
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal...
Linux Distros Unpatched Vulnerability : CVE-2011-3201
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the fil...
Linux Distros Unpatched Vulnerability : CVE-2006-0040
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a text e-mail with a large number of URL...
SOC 3.0 - The Evolution of the SOC and How AI is Empowering Human Talent
Organizations today face relentless cyber attacks, with high-profile breaches hitting the headlines almost daily. Reflecting on a long journey in the security field, it's clear this isn't just a human problem—it's a math problem. There are simply too many threats and security tasks for any SOC to...
CVE-2024-29840
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOPEDITUSERGETPINFIELDS, allowing for an unauthenticated attacker to return the pin value of any user...
CVE-2024-29839
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOPEDITUSERGETCARD, allowing for an unauthenticated attacker to return the card value data of any user...
CVE-2024-29844
Default credentials on the Web Interface of Evolution Controller 2.x allow anyone to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the password. There is no warning or prompt to ask the us...
CVE-2024-29837
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below uses poor session management, allowing for an unauthenticated attacker to access administrator functionality if any other user is already signed in...
CVE-2024-29838
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below does not properly sanitize user input, allowing for an unauthenticated attacker to crash the controller software...
CVE-2024-29843
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on MOBILEGETUSERSLIST, allowing for an unauthenticated attacker to enumerate all users and their access levels...
CVE-2024-29841
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOPEDITUSERGETKEYSFIELDS, allowing for an unauthenticated attacker to return the keys value of any user...
Imperva’s Wildest 2025 AppSec Predictions
Humans are spectacularly bad at predicting the future. Which is why, when someone appears to be able to do it on a regular basis, they are hailed as visionaries, luminaries and celebrated with cool names like Nostradamus and The Amazing Kreskin. Nostradamus made his fame on predictions about the...
CVE-2024-10385 Stored XSS in DirectAdmin Evo Skin
Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS (Cross-site Scripting), which allows a low-privileged user to inject and store malicious JavaScript code. If an admin views the ticket, the script might perform actions with their privileges, including command execution. ...
DirectAdmin Evolution Skin Security Vulnerability
DirectAdmin Evolution Skin is an application from DirectAdmin, Inc. A security vulnerability exists in DirectAdmin Evolution Skin versions prior to 1.668, which stems from the vulnerability of the Ticket management system to a cross-site scripting attack that allows a low-privileged user to injec...
PT-2024-16236 · Directadmin · Directadmin Evolution Skin
Name of the Vulnerable Software and Affected Versions: DirectAdmin Evolution Skin versions prior to 1.668 Description: The ticket management system in DirectAdmin Evolution Skin is vulnerable to Cross-site Scripting (XSS), which allows a low-privileged user to inject and store malicious JavaScript...
AI Under the Microscope—What’s Changed in the OWASP Top 10 for LLMs 2025
As AI continues to evolve, so do the threats and vulnerabilities that surround Large Language Models (LLMs). The OWASP Top 10 for LLM Applications 2025 introduces critical updates that reflect the rapid changes in how these models are applied in real-world scenarios. While the list includes...
evolution bug fix update
An update is available for evolution. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Evolution is a GNOME application that provides integrated email, calendar,...
webkit2gtk3 security update
2.46.3-1 - Update to 2.46.3 2.46.2-1 - Update to 2.46.2 - Add patch to disable Evolution sandbox warning 2.46.1-2 - Add patch to keep GSocketMonitor callback alive Resolves: RHEL-59185 2.46.1-1 - Update to 2.46.1 Resolves: RHEL-59185...
RHSA-2005:238 Red Hat Security Advisory: evolution security update
Bulletin has no description...