Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnome evolution vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-15587
GNOME Evolution up to and including 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.
Gnome Evolution
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2016-10727
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server prior to 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote maliciou...
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Gnome Evolution
9.8
CVSSv3
CVE-2018-12422
addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution up to and including 3.29.2 might allow malicious users to trigger a Buffer Overflow via a long query that is processed by the strcat function. NOTE: the software maintainer disputes this b...
Gnome Evolution
5.9
CVSSv3
CVE-2017-17689
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
Gnome Evolution -
Mozilla Thunderbird -
Ibm Notes -
Emclient Emclient -
Horde Horde Imp -
9folders Nine -
Freron Mailmate -
Kde Kmail -
Ritlabs The Bat -
Microsoft Outlook 2013
Flipdogsolutions Maildroid -
R2mail2 R2mail2 -
Apple Mail -
Bloop Airmail -
Microsoft Outlook 2010
Microsoft Outlook 2007
Google Gmail -
Kde Trojita -
Postbox-inc Postbox -
Microsoft Outlook 2016
1 Github repository
1 Article
NA
CVE-2011-3201
GNOME Evolution prior to 3.2.3 allows user-assisted remote malicious users to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email.
Oracle Solaris 11.2
Gnome Evolution 2.4
Gnome Evolution 2.0.1
Gnome Evolution 2.3.6
Gnome Evolution 1.11
Gnome Evolution 1.5
Gnome Evolution 1.2.4
Gnome Evolution 1.4.5
Gnome Evolution 1.4.6
Gnome Evolution 2.0.2
Gnome Evolution 2.12.3
Gnome Evolution 2.3.5
Gnome Evolution 1.4.4
Gnome Evolution 2.24.5
Gnome Evolution 2.26.1
Gnome Evolution 1.2.1
Gnome Evolution 2.3.2
Gnome Evolution 2.2
Gnome Evolution 2.6
Gnome Evolution 1.0.8
Gnome Evolution 2.22.1
Gnome Evolution
NA
CVE-2012-1177
libgdata prior to 0.10.2 and 0.11.x prior to 0.11.1 does not validate SSL certificates, which allows remote malicious users to obtain user names and passwords via a man-in-the-middle (MITM) attack with a spoofed certificate.
Gnome Libgdata
NA
CVE-2009-1631
The Mailer component in Evolution 2.26.1 and previous versions uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which allows local users to obtain sensitive information by reading these files.
Gnome Evolution
Gnome Evolution 1.4.6
Gnome Evolution 1.4.5
Gnome Evolution 1.2.1
Gnome Evolution 1.2
Gnome Evolution 2.0.2
Gnome Evolution 2.0.1
Gnome Evolution 2.0.0
Gnome Evolution 1.2.3
Gnome Evolution 1.2.2
Gnome Evolution 2.24
Gnome Evolution 2.12
Gnome Evolution 1.4.4
Gnome Evolution 1.4.3
Gnome Evolution 1.0.8
Gnome Evolution 2.6
Gnome Evolution 2.4
Gnome Evolution 1.4
Gnome Evolution 1.2.4
NA
CVE-2009-0582
The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and previous versions, and 2.25.92 and previous versions 2.25.x versions, does not validate whether a certain leng...
Gnome Evolution-data-server
Gnome Evolution-data-server 2.25.92
NA
CVE-2008-3533
Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and prior to 2.24 allows remote malicious users to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp wi...
Gnome Yelp
Gnome Gnome 2.20
Gnome Gnome 2.22
1 EDB exploit
NA
CVE-2008-1108
Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is disabled, allows remote malicious users to execute arbitrary code via a long timezone string in an iCalendar attachment.
Gnome Evolution 2.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »