PT-2026-22638

Transient DOS when an LTE RLC packet with invalid TB is received by UE...

evolution-data-server-3.58.3-2.1 on GA media (moderate)

evolution-data-server-3.58.3-2.1 on GA media Announcement ID: openSUSE-SU-2026:10262-1 Rating: moderate Cross-References: CVE-2026-2604 CVSS scores: CVE-2026-2604 SUSE : 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L CVE-2026-2604 SUSE : 6.8...

OPENSUSE-SU-2026:10262-1 evolution-data-server-3.58.3-2.1 on GA media

These are all security issues fixed in the evolution-data-server-3.58.3-2.1 package on the GA media of openSUSE Tumbleweed...

Ubuntu: Security Advisory (USN-8055-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Unity Linux 20.1060e / 20.1070e Security Update: wireshark (UTSA-2026-005368)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005368 advisory. In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by...

USN-8055-1 evolution-data-server vulnerability

It was discovered that Evolution Data Server incorrectly handled removing local cache files. An attacker could possibly use this issue to cause Evolution Data Server to remove arbitrary files...

USN-8055-1: Evolution Data Server vulnerability

It was discovered that Evolution Data Server incorrectly handled removing local cache files. An attacker could possibly use this issue to cause Evolution Data Server to remove arbitrary files...

Evolution Cyber Intelligence

This is a book written by indoushka that covers the evolution of cyber intelligence from historical methodologies to modern day attacks. Written in Arabic...

Evolution Data Server 安全漏洞

Evolution Data Server is an application developed by the GNOME organization. It provides an address book and calendar, allowing all applications to store and retrieve information. There is a security vulnerability in Evolution Data Server, which stems from local cache files. Attackers can bypass...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Evolution Data Server vulnerability (USN-8055-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8055-1 advisory. It was discovered that Evolution Data Server incorrectly handled removing local cache files. An attacker could possibly use this issue to caus...

Linux Distros Unpatched Vulnerability : CVE-2026-2604

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft...

From points to payouts: The evolution of the Microsoft security researcher leaderboard

The global security research community plays a critical role in helping Microsoft protect customers. Through their deep technical expertise, coordinated disclosure, and collaboration, researchers help identify and remediate vulnerabilities, and shape how our security programs evolve. Many of the...

evolver

🧬 Evolver !GitHub starshttps://img.shields.io/github/star...

MiracleLinux 8 : evolution-data-server-3.28.5-13.el8, evolution-ews-3.28.5-5.el8, evolution-3.28.5-12.el8 (AXSA:2020-530:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-530:01 advisory. evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages CVE-2018-15587 Tenable has extracted the preceding...

MiracleLinux 8 : evolution-mapi-3.28.3-7.el8, openchange-2.3-31.el8 (AXSA:2023-6022:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6022:03 advisory. samba: GnuTLS gnutlsrnd can fail and give predictable random values CVE-2022-1615 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : atk-2.28.1-2.el7evolution-data-server-3.28.5-4.el7evolution-ews-3.28.5-5.el7evolution-3.28.5-8.el7 (AXSA:2020-4566:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4566:01 advisory. evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages CVE-2018-15587 evolution-ews: all certificate...

MiracleLinux 8 : evolution-data-server-3.28.5-15.el8, evolution-ews-3.28.5-10.el8, evolution-3.28.5-16.el8 (AXSA:2021-2137:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2137:01 advisory. evolution-data-server: NULL pointer dereference related to imapxfreecapability and imapxconnecttoserver CVE-2020-16117 Tenable has extracted the preceding...

MiracleLinux 8 : bogofilter-1.2.5-2.el8, evolution-data-server-3.28.5-14.el8, evolution-mapi-3.28.3-3.el8, evolution-3.28.5-14.el8, openchange-2.3-26.el8 (AXSA:2021-1388:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1388:01 advisory. evolution-data-server: Response injection via STARTTLS in SMTP and POP3 CVE-2020-14928 Tenable has extracted the preceding description block directly from th...

MiracleLinux 4 : evolution-data-server-2.32.3-18.AXS4 (AXSA:2014-352:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-352:01 advisory. The evolution-data-server package provides a unified backend for programs that work with contacts, tasks, and calendar information. It was originally develope...

CVE-2023-43340

Cross-site scripting XSS vulnerability in evolution v.3.2.3 allows a local attacker to execute arbitrary code via a crafted payload injected into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters...