367 matches found
SUSE CVE-2009-0582
The ntlmchallenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server aka evolution-data-server 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount o...
SUSE CVE-2009-0587
Multiple integer overflows in Evolution Data Server aka evolution-data-server before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in 1 addressbook/libebook/e-vcard.c in evc or 2 camel/camel-mime-utils.c in libcam...
SUSE CVE-2011-3355
evolution-data-server3 3.0.3 through 3.2.1 used insecure non-SSL connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. An attacker could use this flaw to obtain login credentials of the victim...
SUSE CVE-2013-4166
The gpgctxaddrecipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers...
SUSE CVE-2018-12422
addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function. NOTE: the software maintainer disputes this because "the code had computed the...
SUSE CVE-2020-14928
evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."...
SUSE CVE-2020-16117
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...
evolution-data-server bug fix and enhancement update
An update is available for evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
OESA-2022-1785 evolution-data-server security update
The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...
evolution-data-server bug fix and enhancement update
An update is available for evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The evolution-data-server packages provide a unified back end f...
evolution-data-server bug fix and enhancement update
An update is available for evolution-data-server. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The evolution-data-server packages provide a unified back end f...
OESA-2022-1628 evolution-data-server security update
The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...
evolution-data-server bug fix and enhancement update
An update is available for evolution-data-server. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...
evolution-data-server bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
AlmaLinux 8 : evolution (ALSA-2021:1752)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1752 advisory. - In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal...
AlmaLinux 8 : evolution (ALSA-2020:4649)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2020:4649 advisory. - evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a begin TLS response, eds reads additiona...
Mageia: Security Advisory (MGASA-2020-0351)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2013-0245)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
evolution, evolution-data-server, evolution-ews bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
ALBA-2021:4180 evolution, evolution-data-server, evolution-ews bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...