Lucene search
+L

143 matches found

RedhatCVE
RedhatCVE
added 2020/08/10 1:43 p.m.27 views

CVE-2020-11879

An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...

4.3CVSS1.3AI score0.02682EPSS
Exploits0References3
OSV
OSV
added 2020/07/29 6:15 p.m.1 views

DEBIAN-CVE-2020-16117

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...

5.9CVSS6.8AI score0.02123EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2020/07/29 6:15 p.m.32 views

CVE-2020-16117

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...

5.9CVSS6.8AI score0.02123EPSS
Exploits1References4
OSV
OSV
added 2020/07/29 6:15 p.m.4 views

UBUNTU-CVE-2020-16117

In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid e.g., minimal CAPABILITY line on a connection attempt. This is related to imapxfreecapability and imapxconnecttoserver...

5.9CVSS7.3AI score0.02123EPSS
Exploits1References5
Openbugbounty
Openbugbounty
added 2020/06/05 3:22 p.m.10 views

gnome-evolution-general.1774414.n4.nabble.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1185457 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

6.1AI score
Exploits0
CNVD
CNVD
added 2020/04/20 12:0 a.m.7 views

GNOME Evolution Arbitrary File Read Vulnerability

GNOME Evolution is a suite of email client programs for the Gnome desktop environment for Linux. The program provides Email, calendar, meeting scheduling, contact management and more. A security vulnerability exists in versions prior to GNOME Evolution 3.35.91. An attacker can exploit this...

6.5CVSS6.9AI score0.02682EPSS
Exploits0References1
NVD
NVD
added 2020/04/17 6:15 p.m.14 views

CVE-2020-11879

An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...

6.5CVSS6.3AI score0.02682EPSS
Exploits0References3
OSV
OSV
added 2020/04/17 6:15 p.m.1 views

DEBIAN-CVE-2020-11879

An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...

6.5CVSS6.3AI score0.02682EPSS
Exploits0References1
Prion
Prion
added 2020/04/17 6:15 p.m.14 views

Code injection

An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...

4.3CVSS6.3AI score0.02682EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/04/17 6:15 p.m.13 views

UBUNTU-CVE-2020-11879

An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...

6.5CVSS5.8AI score0.02682EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/04/17 6:15 p.m.23 views

CVE-2020-11879

An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...

6.5CVSS6.6AI score0.02682EPSS
Exploits0References4
CVE
CVE
added 2020/04/17 5:7 p.m.168 views

CVE-2020-11879

CVE-2020-11879 affects GNOME Evolution prior to 3.35.91. A malicious or misleading website can abuse the non‑RFC6068 mailto?attach=… parameter to attach local files or directories to a composed email without warning, enabling potential information disclosure. The issue is triggered by using a pro...

6.5CVSS6.2AI score0.02682EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/04/17 5:7 p.m.24 views

CVE-2020-11879

An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...

6.3AI score0.02682EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2020/04/17 5:7 p.m.25 views

CVE-2020-11879

An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary non-RFC6068 "mailto?attach=..." parameter, a website or other source of mailto links can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as...

6.5CVSS6.3AI score0.02682EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/03/31 9:15 p.m.5 views

evolution: specially crafted email leading to OpenPGP signatures being spoofed for arbitrary messages

GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment...

6.5CVSS7.4AI score0.02443EPSS
Exploits1References4
OSV
OSV
added 2020/02/06 3:15 p.m.2 views

CVE-2013-4166

The gpgctxaddrecipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers...

7.5CVSS7.4AI score
Exploits0References9
NVD
NVD
added 2020/02/06 3:15 p.m.15 views

CVE-2013-4166

The gpgctxaddrecipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers...

7.5CVSS7.4AI score0.0189EPSS
Exploits0References5
OSV
OSV
added 2020/02/06 3:15 p.m.3 views

DEBIAN-CVE-2013-4166

The gpgctxaddrecipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers...

7.5CVSS7.1AI score0.0189EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2020/02/06 2:29 p.m.108 views

CVE-2013-4166

The gpgctxaddrecipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers...

7.5CVSS7.4AI score0.0189EPSS
Exploits0
Cvelist
Cvelist
added 2020/02/06 2:29 p.m.28 views

CVE-2013-4166

The gpgctxaddrecipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encrypted with the wrong key and allow remote attackers...

7.3AI score0.0189EPSS
Exploits0References5
Rows per page
Query Builder