Lucene search
K

7 matches found

OSV
OSV
added 2026/06/17 1:20 p.m.4 views

DEBIAN-CVE-2026-2604

A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or...

5.6CVSS5.5AI score0.00189EPSS
Exploits0References1
Amazon
Amazon
added 2026/03/05 12:0 a.m.5 views

Medium: evolution-data-server

Issue Overview: The Evolution backend server exposes the D-Bus service org.gnome.evolution.dataserver.AddressBook, that can be used in order to manage contacts. A Flatpak application with access to this D-Bus service can exploit this issue in order to gain arbitrary file deletion on the host...

6AI score0.00189EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.5 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : evolution-data-server (SUSE-SU-2026:0775-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0775-1 advisory. This update for evolution-data-server fixes the following issue: - CVE-2026-2604: arbitrary file deletion...

5.6CVSS6AI score0.00189EPSS
Exploits0References4
OSV
OSV
added 2026/03/03 1:20 p.m.4 views

SUSE-SU-2026:0776-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issue: - CVE-2026-2604: arbitrary file deletion via inconsistent URI handling bsc1258307...

5.6CVSS6AI score0.00189EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/27 12:0 a.m.5 views

evolution-data-server-3.58.3-2.1 on GA media (moderate)

evolution-data-server-3.58.3-2.1 on GA media Announcement ID: openSUSE-SU-2026:10262-1 Rating: moderate Cross-References: CVE-2026-2604 CVSS scores: CVE-2026-2604 SUSE : 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L CVE-2026-2604 SUSE : 6.8...

6.8CVSS6AI score0.00189EPSS
Exploits0
Circl
Circl
added 2026/02/23 4:40 p.m.5 views

CVE-2026-2604

creationtimestamp| type| source ---|---|--- 2026-02-23 16:40:13+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mfk3qbdke22b 2026-06-17 00:31:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moh2quqanb2t...

5.6CVSS4.9AI score0.00189EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/02/18 12:26 a.m.2 views

SUSE CVE-2026-2604

A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or...

5.6CVSS5.5AI score0.00189EPSS
Exploits0References5
Rows per page
Query Builder