MiracleLinux 8 : evolution-data-server-3.28.5-13.el8, evolution-ews-3.28.5-5.el8, evolution-3.28.5-12.el8 (AXSA:2020-530:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-530:01 advisory. evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages CVE-2018-15587 Tenable has extracted the preceding...

MiracleLinux 7 : atk-2.28.1-2.el7evolution-data-server-3.28.5-4.el7evolution-ews-3.28.5-5.el7evolution-3.28.5-8.el7 (AXSA:2020-4566:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4566:01 advisory. evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages CVE-2018-15587 evolution-ews: all certificate...

EUVD-2025-36414

Malicious code in ews-paze-toolkit npm...

Malicious Package

Overview ews-paze-toolkit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in ews-paze-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 919f20823a98370aeff343ebdedbd1f86353649a1f852ec6c5ef7314925970d4 The package ews-paze-toolkit was found to contain malicious code. Source: ghsa-malware 60989a72103601dc11b185549de7abb4bdb1442776d790dab1945d25b5ab27...

MAL-2025-48925 Malicious code in ews-paze-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 919f20823a98370aeff343ebdedbd1f86353649a1f852ec6c5ef7314925970d4 The package ews-paze-toolkit was found to contain malicious code. Source: ghsa-malware 60989a72103601dc11b185549de7abb4bdb1442776d790dab1945d25b5ab27...

EUVD-2019-13499

Malware in sbrugna...

EUVD-2011-1532

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-3890

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information...

evolution-ews bug fix and enhancement update

An update is available for evolution-ews. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linu...

evolution-ews bug fix and enhancement update

An update is available for evolution-ews. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linu...

Exchange Backup Fails With: "Failed to get folder properties. Not allowed to access Non IPM folder"

Veeam Data Cloud for Microsoft 365 Customers Customers utilizing Veeam Data Cloud for Microsoft 365 , please be advised that no actions are required to address this issue. All the necessary actions were implemented in the Veeam Data Cloud backend on 2024-04-04. Challenge A backup job in Veeam...

Description of Security Update 1 for Exchange Server 2019: March 12, 2024 (KB5036401)

Description of Security Update 1 for Exchange Server 2019: March 12, 2024 KB5036401 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE and security advisory:...

Description of Security Update 12 for Exchange Server 2016: March 12, 2024 (KB5036386)

Description of Security Update 12 for Exchange Server 2016: March 12, 2024 KB5036386 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE and security advisory:...

Oracle Linux 8 : evolution (ELSA-2019-3699)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3699 advisory. - Add patch related to evolution-ews CVE-2019-3890 RH bug 1696763 evolution-ews Tenable has extracted the preceding description block directly from the Oracle...

Impact of Microsoft EWS Deprecation on Microsoft Teams backup

Challenge Due to a recent change deprecating an earlier API EWS, backups of Microsoft Teams may complete with a "Success" status, while no new channel posts were backed up. Solution As it was announced before, Microsoft is deprecating the ability for EWS APIs to access the TeamsMessagesData folde...

NewStart CGSL CORE 5.05 / MAIN 5.05 : atk Multiple Vulnerabilities (NS-SA-2023-0013)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has atk packages installed that are affected by multiple vulnerabilities: - GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a vali...

K73644551: Apache Tomcat vulnerability CVE-2016-6325

Security Advisory Description The Tomcat package on Red Hat Enterprise Linux RHEL 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for 1 /etc/sysconfig/tomcat and 2 /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat...

SUSE CVE-2019-3890

It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference...

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: March 14, 2023 (KB5024296)

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: March 14, 2023 KB5024296 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE:...