Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syste...

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

RockyLinux 9 : samba (RLSA-2026:25049)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25049 advisory. samba: Missing access check on reparse point operations CVE-2026-1933 samba: vfsworm does not block directory modification CVE-2026-2340 samba: group...

samba security update

An update is available for samba. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Samba is an open-source implementation of the Server Message Block SMB protoco...

OPENSUSE-SU-2026:20905-1 Security update for samba

This update for samba fixes the following issues Security issues: - CVE-2026-1933: Missing access check on reparse point operations bsc1261188. - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. - CVE-2026-3012: group policy certificate enrollment uses http: // without...

SUSE-SU-2026:22045-1 Security update for samba

This update for samba fixes the following issues Security issues: - CVE-2026-1933: Missing access check on reparse point operations bsc1261188. - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. - CVE-2026-3012: group policy certificate enrollment uses http: // without...

Fedora 43 : freeipa / samba (2026-fc81581a79)

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-fc81581a79 advisory. Update to Samba 4.23.8 - Security fix for CVE-2026-4480, CVE-2026-2340, CVE-2026-3012, CVE-2026-1933, CVE-2026-4408, and CVE-2026-3238 Tenable has...

Fedora 44 : freeipa / samba (2026-7567819345)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-7567819345 advisory. Update to Samba 4.24.3 - Security fix for CVE-2026-4480, CVE-2026-2340, CVE-2026-3012, CVE-2026-1933, CVE-2026-4408, and CVE-2026-3238 Tenable has...

SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2026:2076-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2076-1 advisory. This update for samba fixes the following issues Security issues: - CVE-2026-1933: Missing access check on...

Fedora 45 : freeipa / samba (2026-9b08621bdc)

The remote Fedora 45 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-9b08621bdc advisory. Update to Samba 4.24.3 - Security fix for CVE-2026-4480, CVE-2026-2340, CVE-2026-3012, CVE-2026-1933, CVE-2026-4408, and CVE-2026-3238 Tenable has...

DEBIAN-CVE-2026-1933

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

Linux Distros Unpatched Vulnerability : CVE-2026-1933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Samba's handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticat...

CVE-2026-1933

creationtimestamp| type| source ---|---|--- 2026-05-26 14:33:00+00:00| seen| https://vulnerability.circl.lu/bundle/ef598036-eda2-4311-807e-ebbdfb04a51d 2026-05-27 02:01:27+00:00| seen| https://bsky.app/profile/slackers.it/post/3mmsfyjytqj2i 2026-05-27 02:01:29+00:00| seen|...

SUSE-SU-2026:2076-1 Security update for samba

This update for samba fixes the following issues Security issues: - CVE-2026-1933: Missing access check on reparse point operations bsc1261188. - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. - CVE-2026-3012: group policy certificate enrollment uses http: // without...

Debian dsa-6297 : ctdb - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6297 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6297-1 [email protected]...

MiracleLinux 9 : firefox-128.8.0-1.el9_5.ML.1 (AXSA:2025-9736:09)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9736:09 advisory. firefox: Use-after-free in WebTransportChild CVE-2025-1931 firefox: AudioIPC StreamData could trigger a use-after-free in the Browser process...

EUVD-2024-1933

Malicious code in bioql PyPI...

TencentOS Server 3: firefox (TSSA-2025:0229)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0229 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2022-1933

The CDI WordPress plugin before 5.1.9 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action available to both unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting...

CVE-2021-1933

UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables...