Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Evolution Data Server vulnerability (USN-8055-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8055-1 advisory. It was discovered that Evolution Data Server incorrectly handled removing local cache files. An attacker could possibly use this issue to caus...

Evolution Data Server 安全漏洞

Evolution Data Server is an application developed by the GNOME organization. It provides an address book and calendar, allowing all applications to store and retrieve information. There is a security vulnerability in Evolution Data Server, which stems from local cache files. Attackers can bypass...

Linux Distros Unpatched Vulnerability : CVE-2026-2604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - evolution-data-server - None Red Hat Enterprise Linux - evolution-data-server: Evolution Data Server: Arbitrary file deletion via inconsistent UR...

From points to payouts: The evolution of the Microsoft security researcher leaderboard

The global security research community plays a critical role in helping Microsoft protect customers. Through their deep technical expertise, coordinated disclosure, and collaboration, researchers help identify and remediate vulnerabilities, and shape how our security programs evolve. Many of the...

evolver

🧬 Evolver !GitHub starshttps://img.shields.io/github/star...

MiracleLinux 8 : evolution-data-server-3.28.5-13.el8, evolution-ews-3.28.5-5.el8, evolution-3.28.5-12.el8 (AXSA:2020-530:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-530:01 advisory. evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages CVE-2018-15587 Tenable has extracted the preceding...

MiracleLinux 7 : atk-2.28.1-2.el7evolution-data-server-3.28.5-4.el7evolution-ews-3.28.5-5.el7evolution-3.28.5-8.el7 (AXSA:2020-4566:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4566:01 advisory. evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages CVE-2018-15587 evolution-ews: all certificate...

MiracleLinux 8 : evolution-data-server-3.28.5-15.el8, evolution-ews-3.28.5-10.el8, evolution-3.28.5-16.el8 (AXSA:2021-2137:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2137:01 advisory. evolution-data-server: NULL pointer dereference related to imapxfreecapability and imapxconnecttoserver CVE-2020-16117 Tenable has extracted the preceding...

MiracleLinux 8 : evolution-mapi-3.28.3-7.el8, openchange-2.3-31.el8 (AXSA:2023-6022:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6022:03 advisory. samba: GnuTLS gnutlsrnd can fail and give predictable random values CVE-2022-1615 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : bogofilter-1.2.5-2.el8, evolution-data-server-3.28.5-14.el8, evolution-mapi-3.28.3-3.el8, evolution-3.28.5-14.el8, openchange-2.3-26.el8 (AXSA:2021-1388:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1388:01 advisory. evolution-data-server: Response injection via STARTTLS in SMTP and POP3 CVE-2020-14928 Tenable has extracted the preceding description block directly from th...

MiracleLinux 4 : evolution-data-server-2.32.3-18.AXS4 (AXSA:2014-352:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-352:01 advisory. The evolution-data-server package provides a unified backend for programs that work with contacts, tasks, and calendar information. It was originally develope...

CVE-2023-43340

Cross-site scripting XSS vulnerability in evolution v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters...

CVE-2023-43341

Cross-site scripting XSS vulnerability in evolution evo v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected uid parameter...

CVE-2018-1000889

Logisim Evolution version 2.14.3 and earlier contains an XML External Entity XXE vulnerability in Circuit file loading functionality loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java that can result in information leak, possible RCE depending on system configuration. This attack appears t...

CVE-2021-31220

SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies...

CVE-2021-31224

SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies...

CVE-2021-31221

SES Evolution before 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed...

CVE-2021-31225

SES Evolution before 2.1.0 allows deleting some resources not currently in use by any security policy by leveraging access to a computer having the administration console installed...

CVE-2020-12133

The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.faces.ViewState Java deserialization...

CVE-2023-43551

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immediately send the Security Mode Command...