
2068 matches found

Cvelist
added 2021/07/13 1:10 p.m., 15 views

CVE-2021-31224

SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies...

4.4 AI score, 0.00329 EPSS
Exploits: 0, References: 2
CVE
added 2021/07/13 1:10 p.m., 44 views

CVE-2021-31224

The connected Red Hat advisory confirms CVE-2021-31224 affects SES Evolution prior to version 2.1.0. The vulnerability allows a user with read-only access to security policies to duplicate an existing policy, effectively bypassing intended policy immutability. The root cause is a permission/logic...

3.5 CVSS, 4.2 AI score, 0.00329 EPSS
Exploits: 0, References: 2, Affected Software: 1
CVE
added 2021/07/13 1:5 p.m., 46 views

CVE-2021-35957

CVE-2021-35957 affects Stormshield Endpoint Security Evolution 2.0.0–2.0.2. The issue is a local-privilege concern where an attacker with local access can replace Visual C++ runtime DLLs in %WINDIR%\system32 with malicious versions, undermining the intended defense. Root cause: insufficient prote...

6.7 CVSS, 6.4 AI score, 0.00251 EPSS
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2021/07/13 12:57 p.m., 20 views

CVE-2021-31225

SES Evolution before 2.1.0 allows deleting some resources not currently in use by any security policy by leveraging access to a computer having the administration console installed...

7.3 AI score, 0.00333 EPSS
Exploits: 0, References: 2
CVE
added 2021/07/13 12:57 p.m., 55 views

CVE-2021-31225

CVE-2021-31225 affects Stormshield SES Evolution prior to 2.1.0. The issue allows deleting resources not currently in use by any security policy by leveraging access to a computer with the administration console installed. The impact relates to resource deletion with partial integrity and availab...

7.3 CVSS, 7.1 AI score, 0.00333 EPSS
Exploits: 0, References: 2, Affected Software: 1
CNNVD
added 2021/07/13 12:0 a.m., 4 views

Stormshield SES Evolution Authorization Issue Vulnerability

Stormshield SES Evolution is a security solution from the French company Stormshield. An authorization issue vulnerability exists in SES Evolution that originates from a vulnerability that allows some security policies to be read while accessing a computer with the management console installed, a...

5.7 CVSS, 5.9 AI score, 0.00607 EPSS
Exploits: 0, References: 2
CNNVD
added 2021/07/13 12:0 a.m., 2 views

Stormshield SES Evolution Authorization Issue Vulnerability

Stormshield SES Evolution is a security solution from the French company Stormshield. An authorization issue vulnerability exists in SES Evolution that originates from allowing some security policies to be updated on computers with access to a management console installed, and affects the followi...

5.7 CVSS, 5.9 AI score, 0.00459 EPSS
Exploits: 0, References: 3
CNNVD
added 2021/07/13 12:0 a.m., 4 views

Stormshield SES Evolution Authorization Issue Vulnerability

Stormshield SES Evolution is a security solution from the French company Stormshield. An authorization issue vulnerability exists in SES Evolution that originates from a vulnerability that allows the deletion of some security policies when accessing a computer on which the management console is...

5.7 CVSS, 5.9 AI score, 0.00487 EPSS
Exploits: 0, References: 3
CNNVD
added 2021/07/13 12:0 a.m., 3 views

Stormshield SES Evolution Processing Logic Error Vulnerability

Stormshield SES Evolution is a security solution from the French company Stormshield. A Processing Logic Error vulnerability exists in SES Evolution due to the product's failure to properly handle a user's read-only privileges, which can be exploited by an attacker to modify a security policy wit...

5.2 CVSS, 5.8 AI score, 0.00304 EPSS
Exploits: 0, References: 3
CNNVD
added 2021/07/12 12:0 a.m., 3 views

Stormshield SES Evolution Security Vulnerability

Stormshield SES Evolution is a security solution from the French company Stormshield. A security vulnerability existed prior to SES Evolution 2.1.0, which allowed the deletion of some resources not currently used by any security policy by exploiting access to a computer with the management consol...

7.3 CVSS, 7.3 AI score, 0.00333 EPSS
Exploits: 0, References: 2
Imperva Blog
added 2021/07/03 8:8 p.m., 60 views

jSonar to Begin a New Chapter in Collaboration

A message from JSonar co-founder and CTO, Ron Bennatan. My wife complains that I’m a boring person. I’ve been doing the same thing for 25 years now – databases, then security, then database security, then data security and then some data lake security. But by that account Tom Brady is a boring...

6.8 AI score
Exploits: 0
Rosalinux
added 2021/07/02 4:39 p.m., 16 views

Advisory ROSA-SA-2021-1831

Software: evolution-data-server 3.28.5; OS: Cobalt 7.9; CVE-ID: CVE-2020-14928; CVE-Crit: MEDIUM; CVE-DESC: In evolution-data-server (eds) up to 3.36.3 there is an issue with STARTTLS buffering that affects SMTP and POP3. When the server sends a "start TLS" response, eds reads additional data and...

5.9 CVSS, 6.8 AI score, 0.02607 EPSS
Exploits: 2
Rosalinux
added 2021/07/02 4:39 p.m., 14 views

Advisory ROSA-SA-2021-1830

Software: evolution 3.28.5; OS: Cobalt 7.9; CVE-ID: CVE-2020-11879; CVE-Crit: MEDIUM; CVE-DESC: A problem was found in GNOME Evolution before 3.35.91. Using the proprietary (non-RFC6068) mailto?attach=... parameter, a website or other mailto link source could cause Evolution to attach local files or...

6.5 CVSS, 6.9 AI score, 0.02682 EPSS
Exploits: 0
ThreatPost
added 2021/06/16 6:1 p.m., 68 views

Exclusive Ransomware Poll: 80% of Victims Don’t Pay Up

Ransomware is on the rise, but what toll does it take on the real world? Threatpost set out to answer that question in an exclusive poll aimed at taking the pulse of organizations wrestling with attacks, including looking at mitigations and the defenses organizations have in place. When viewed...

7.5 AI score
Exploits: 0, References: 7
Positive Technologies
added 2021/06/15 12:0 a.m., 4 views

PT-2021-7399 · Qualcomm · Snapdragon Connectivity +6

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables (affected versions not specified). Description: The issue is related to improper...

7.8 CVSS, 7.5 AI score, 0.00383 EPSS
Exploits: 0, References: 7
OpenVAS
added 2021/06/09 12:0 a.m., 9 views

SUSE: Security Advisory (SUSE-SU-2014:1519-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3 CVSS, 5.2 AI score, 0.99999 EPSS
Exploits: 6, References: 2
Imperva Blog
added 2021/06/08 6:52 p.m., 22 views

Bad bots continue to evolve. Your mitigation strategy should, too.

With the global pandemic continuing to catalyze digitalization, we’ve seen two years worth of digital transformation take place in a mere two months, according to Microsoft CEO Satya Nadella. Clearly, bad actors are capitalizing on the opportunities that digital transformation creates, as more da...

7.3 AI score
Exploits: 0
ThreatPost
added 2021/05/31 1:41 p.m., 131 views

On the Taxonomy and Evolution of Ransomware

Given the frequency with which “ransomware” appears in news articles, it may be worthwhile to take a step back and actually consider what the term means. Any malware or attack that culminates in extorting ransom from the victim is commonly referred to as ransomware. The general idea is to encrypt...

6.9 AI score
Exploits: 0, References: 7
Talos Blog
added 2021/05/28 7:30 a.m., 39 views

Talos Takes Ep. #55: How Transparent Tribe could evolve in the future

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We recently covered how the Transparent Tribe APT added another RAT to its arsenal. Where might they go from here? In...

1.8 AI score
Exploits: 0
Prion
added 2021/05/26 10:15 p.m., 16 views

Directory traversal

Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code...

6.8 CVSS, 8.7 AI score, 0.01612 EPSS
Exploits: 0, References: 2