Amazon Linux 2 : evolution-data-server, --advisory ALAS2-2026-3179 (ALAS-2026-3179)

The version of evolution-data-server installed on the remote host is prior to 3.28.5-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3179 advisory. The Evolution backend server exposes the D-Bus service org.gnome.evolution.dataserver.AddressBook, that can be used ...

openSUSE Security Advisory (SUSE-SU-2026:0775-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: evolution-data-server

Issue Overview: The Evolution backend server exposes the D-Bus service org.gnome.evolution.dataserver.AddressBook, that can be used in order to manage contacts. A Flatpak application with access to this D-Bus service can exploit this issue in order to gain arbitrary file deletion on the host...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : evolution-data-server (SUSE-SU-2026:0775-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0775-1 advisory. This update for evolution-data-server fixes the following issue: - CVE-2026-2604: arbitrary file deletion...

SUSE SLED15 / SLES15 Security Update : evolution-data-server (SUSE-SU-2026:0776-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0776-1 advisory. This update for evolution-data-server fixes the following issue: - CVE-2026-2604: arbitrary file deletion via...

Security update for evolution-data-server

This update for evolution-data-server fixes the following issue: CVE-2026-2604: arbitrary file deletion via inconsistent URI handling bsc1258307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

SUSE-SU-2026:0776-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issue: - CVE-2026-2604: arbitrary file deletion via inconsistent URI handling bsc1258307...

Security update for evolution-data-server

This update for evolution-data-server fixes the following issue: CVE-2026-2604: arbitrary file deletion via inconsistent URI handling bsc1258307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively y...

SUSE-SU-2026:0775-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issue: - CVE-2026-2604: arbitrary file deletion via inconsistent URI handling bsc1258307...

evolution-data-server-3.58.3-2.1 on GA media (moderate)

evolution-data-server-3.58.3-2.1 on GA media Announcement ID: openSUSE-SU-2026:10262-1 Rating: moderate Cross-References: CVE-2026-2604 CVSS scores: CVE-2026-2604 SUSE : 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L CVE-2026-2604 SUSE : 6.8...

OPENSUSE-SU-2026:10262-1 evolution-data-server-3.58.3-2.1 on GA media

These are all security issues fixed in the evolution-data-server-3.58.3-2.1 package on the GA media of openSUSE Tumbleweed...

Ubuntu: Security Advisory (USN-8055-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-8055-1 evolution-data-server vulnerability

It was discovered that Evolution Data Server incorrectly handled removing local cache files. An attacker could possibly use this issue to cause Evolution Data Server to remove arbitrary files...

USN-8055-1: Evolution Data Server vulnerability

It was discovered that Evolution Data Server incorrectly handled removing local cache files. An attacker could possibly use this issue to cause Evolution Data Server to remove arbitrary files...

Evolution Data Server 安全漏洞

Evolution Data Server is an application developed by the GNOME organization. It provides an address book and calendar, allowing all applications to store and retrieve information. There is a security vulnerability in Evolution Data Server, which stems from local cache files. Attackers can bypass...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Evolution Data Server vulnerability (USN-8055-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8055-1 advisory. It was discovered that Evolution Data Server incorrectly handled removing local cache files. An attacker could possibly use this issue to caus...

Linux Distros Unpatched Vulnerability : CVE-2026-2604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft...

MiracleLinux 8 : evolution-data-server-3.28.5-15.el8, evolution-ews-3.28.5-10.el8, evolution-3.28.5-16.el8 (AXSA:2021-2137:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2137:01 advisory. evolution-data-server: NULL pointer dereference related to imapxfreecapability and imapxconnecttoserver CVE-2020-16117 Tenable has extracted the preceding...

MiracleLinux 8 : evolution-data-server-3.28.5-13.el8, evolution-ews-3.28.5-5.el8, evolution-3.28.5-12.el8 (AXSA:2020-530:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-530:01 advisory. evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages CVE-2018-15587 Tenable has extracted the preceding...

MiracleLinux 8 : bogofilter-1.2.5-2.el8, evolution-data-server-3.28.5-14.el8, evolution-mapi-3.28.3-3.el8, evolution-3.28.5-14.el8, openchange-2.3-26.el8 (AXSA:2021-1388:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1388:01 advisory. evolution-data-server: Response injection via STARTTLS in SMTP and POP3 CVE-2020-14928 Tenable has extracted the preceding description block directly from th...