320 matches found
CVE-2026-52795
Gogs is an open source self-hosted Git service. In 0.14.3 and earlier, any authenticated user can watch a private repository they have no access to, because the access check in the Watch API handler is inverted. The code checks if repoCtx.ViewerCanRead returns 404 when the user CAN read instead o...
CVE-2026-52795
CVE-2026-52795 affects Gogs (open source self-hosted Git service). In 0.14.3 and earlier, an authorization logic error in the Watch API lets any authenticated user watch a private repository they have no access to, due to an inverted access check. This exposes private repository activity in the a...
PT-2026-52084
Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.4 Description An authenticated user can watch a private repository without having the necessary access permissions. This occurs because the access check in the Watch API handler is inverted, specifically within the...
Important: Red Hat Security Advisory: samba security update
An update for samba is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 8 : samba (RHSA-2026:28056)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28056 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...
RHEL 9 : samba (RHSA-2026:28054)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28054 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...
RHEL 8 : samba (RHSA-2026:28057)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28057 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...
Astra Linux – Vulnerability in Samba
A flaw was discovered in Samba. An incomplete access check on dnsHostName allows authenticated, but otherwise unprivileged users to delete this attribute from any object in the directory...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tee: added a overflow check in registershmhelper When special lengths are provided by the user space, registershmhelper may cause an integer overflow when calculating the number of pages covered by a given user space memory regio...
Joomla! Webservice - Password Disclosure
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. id: CVE-2023-23752 info: name: Joomla! Webservice - Password Disclosure author: badboycxcc,Sascha Brendel severity: medium description: | An issue was discovered in...
Important: Red Hat Security Advisory: samba security update
An update for samba is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 9 : samba (RHSA-2026:25979)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25979 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...
samba security update
An update is available for samba. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Samba is an open-source implementation of the Server Message Block SMB protocol...
CVE-2026-48900
An improper access check allowed low privileged users to edit the task types of existing scheduler tasks...
CVE-2026-41649
Outline is a service that allows for collaborative documentation. The shares.create API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both collectionId and documentId are provided in the request, the authorization logic only checks...
CVE-2026-48898
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-35223
An improper access check allows unauthorized access to comconfig webservice endpoints...
SUSE-SU-2026:22080-1 Security update for samba
This update for samba fixes the following issues Security issues: - CVE-2026-1933: Missing access check on reparse point operations bsc1261188. - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. - CVE-2026-3012: group policy certificate enrollment uses http: // without...
CVE-2026-45155
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add unknown circles by their ID directly to other circles. Since circle IDs have 62^15 complexity by...
CVE-2026-45155
Nextcloud Server is affected by CVE-2026-45155 due to a missing API-level access check that allows adding unknown circle IDs to other circles. Affected versions are 32.0.0–32.0.6 and 33.0.0–33.0.0 (i.e., before 32.0.7 and before 33.0.1). The underlying issue could enable unauthorized membership t...