ALSA-2020:4649 Low: evolution security and bug fix update

Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was...

Low: evolution security and bug fix update

Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Evolution Data Server was...

evolution security and bug fix update

An update is available for bogofilter, evolution-mapi. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Evolution is a GNOME application that provides integrated...

EulerOS 2.0 SP5 : evolution-data-server (EulerOS-SA-2020-2243)

According to the versions of the evolution-data-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a 'begin...

Huawei EulerOS: Security Advisory for evolution-data-server (EulerOS-SA-2020-2243)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The Tale of Double JavaScript Obfuscated Scam

The phishing landscape is constantly evolving. Over the years, it has evolved into a more scalable threat, with an overwhelming amount of campaigns being launched daily. Phishing also changed when criminals started adding more capabilities and features to their toolkits, which make the phishing...

CrimeOps of the KashmirBlack Botnet – Part I

Introduction Being in a research team exposes us to a variety of attacks on different platforms, of different types, scope, and volume. It also gives us the opportunity to select particularly interesting attacks that target our customers and to analyze them. This blog will give you a taste of the...

evolutionwindowfilms.com Cross Site Scripting vulnerability OBB-1417807

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Watch Out — Microsoft Warns Android Users About A New Ransomware

Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced wit...

Android Ransomware Has Picked Up Some Ominous New Tricks

While it's still far more common on PCs, mobile ransomware has undergone a worrying evolution, new research shows...

Smart DNS for the New Network Edge

People depend on the internet for just about everything: interacting, learning, transacting, traveling, working, and more. At the same time, the wireless evolution to 4G -- and soon 5G and Wi-Fi everywhere -- has given birth to an era of connected cars, smart sensors, and a multitude of other...

Huawei EulerOS: Security Advisory for evolution-data-server (EulerOS-SA-2020-1890)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2020-0351 Updated evolution-data-server packages fix security vulnerabilities

evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection". CVE-2020-14928 In GNOME evolution-data-server before 3.35.91, a...

Updated evolution-data-server packages fix security vulnerabilities

evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection". CVE-2020-14928 In GNOME evolution-data-server before 3.35.91, a...

EulerOS 2.0 SP8 : evolution-data-server (EulerOS-SA-2020-1890)

According to the version of the evolution-data-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sendi...

QakBot Banking Trojan Returned With New Sneaky Tricks to Steal Your Money

A notorious banking trojan aimed at stealing bank account credentials and other financial information has now come back with new tricks up its sleeve to target government, military, and manufacturing sectors in the US and Europe, according to new research. In an analysis released by Check Point...

Amazon Linux 2 : evolution (ALAS-2020-1476)

The version of evolution installed on the remote host is prior to 3.28.5-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1476 advisory. GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted ema...

Amazon Linux 2 : evolution-data-server, evolution-ews (ALAS-2020-1475)

The version of evolution-data-server installed on the remote host is prior to 3.28.5-4. The version of evolution-ews installed on the remote host is prior to 3.28.5-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1475 advisory. It was discovered evolution-ews befo...

Medium: evolution-data-server, evolution-ews

Issue Overview: It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference. CVE-2019-3890 Affected...

Medium: evolution

Issue Overview: GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment. CVE-2018-15587 Affected Packages: evolution Note: This advisory i...