2068 matches found
Directory traversal
Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code...
CVE-2009-3721
Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code...
CVE-2009-3721
CVE-2009-3721 affects yTNEF and Evolution’s TNEF parser derived from yTNEF. The vulnerabilities are described as directory traversal and buffer overflow flaws that could allow a crafted email to cause writes to arbitrary filesystem locations, application crashes, or potentially arbitrary code exe...
Becoming resilient by understanding cybersecurity risks: Part 4—navigating current threats
In part three of this blog series on aligning security with business objectives and risk, we explored what it takes for security leaders to shift from looking at their mission as purely defending against technical attacks, to one that focuses on protecting valuable business assets, data, and...
Oracle Linux 8 : evolution (ELSA-2021-1752)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1752 advisory. - Resolves: 1862403 CVE-2020-16117: Crash on malformed server response with minimal capabilities evolution-ews Tenable has extracted the preceding description...
Evolution of JSWorm ransomware
Introduction Over the past few years, the ransomware threat landscape has been gradually changing. We have been witness to a paradigm shift. From the massive outbreaks of 2017, such as WannaCry, NotPetya, and Bad Rabbit, a lot of ransomware actors have moved to the covert but highly profitable...
Denial Of Service (DoS)
evolution-data-server is vulnerable to denial of service (DoS). The vulnerability exists through a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt...
CentOS 8 : evolution (CESA-2021:1752)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1752 advisory. - evolution-data-server: NULL pointer dereference related to imapx_free_capability and imapx_connect_to_server (CVE-2020-16117) Note that Nessus has not tested for thi...
RHEL 8 : evolution (RHSA-2021:1752)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:1752 advisory. Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The...
Low: Red Hat Security Advisory: evolution security, bug fix, and enhancement update
An update for evolution, evolution-data-server, and evolution-ews is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
evolution-data-server: NULL pointer dereference related to imapx_free_capability and imapx_connect_to_server
A NULL pointer dereference flaw was found in the GNOME evolution-data-server when a mail client parses invalid messages from a malicious server. This flaw allows an attacker who controls a mail server the ability to crash the mail clients. The highest threat from this vulnerability is to system...
RLSA-2021:1752 Low: evolution security, bug fix, and enhancement update
Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was...
evolution security, bug fix, and enhancement update
An update is available for evolution, evolution-ews, evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Evolution is a GNOME application that...
ALSA-2021:1752 Low: evolution security, bug fix, and enhancement update
Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was...
Low: evolution security, bug fix, and enhancement update
Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was...
Stop Ransomware Groups Who Weaponize Legitimate Tools
The ongoing game of cat and mouse – cybercriminals vs security teams – continues with the latest evolution in ransomware...
The Evolution of DevOps in 2021
DevOps has long been a key tool in helping organizations reliably and rapidly deliver systems into production. While in the past, IT and software development teams suffered from lengthy processes and struggled to resolve incompatible priorities, now DevOps allows for easier collaboration, as well...
The UNC2529 Triple Double: A Trifecta Phishing Campaign
In December 2020, Mandiant observed a widespread, global phishing campaign targeting numerous organizations across an array of industries. Mandiant tracks this threat actor as UNC2529. Based on the considerable infrastructure employed, tailored phishing lures and the professionally coded...
Huawei EulerOS: Security Advisory for evolution (EulerOS-SA-2021-1779)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for evolution-data-server (EulerOS-SA-2021-1780)
The remote host is missing an update for the Huawei EulerOS...