22 matches found

NVD (added yesterday)

CVE-2026-12249

An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active Directory Certificate Services AD CS certificate auto-enrollment via the vendored Samba client script internal/policies/certificate/python/vendorsamba/gp/gpcertautoenrollext.py, ADSys utilizes a plaintext...

CVSS 9.5 | Exploits: 0 | References: 2
ATTACKERKB (added yesterday)

CVE-2026-12249

An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active Directory Certificate Services AD CS certificate auto-enrollment via the vendored Samba client script internal/policies/certificate/python/vendorsamba/gp/gpcertautoenrollext.py, ADSys utilizes a plaintext...

CVSS 9.5 | AI score 6 | Exploits: 0 | References: 3 | Affected Software: 5
Cvelist (added yesterday)

CVE-2026-12249 Canonical ADSys Trust Store Poisoning via Plaintext HTTP Certificate Auto-Enrollment

An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active Directory Certificate Services AD CS certificate auto-enrollment via the vendored Samba client script internal/policies/certificate/python/vendorsamba/gp/gpcertautoenrollext.py, ADSys utilizes a plaintext...

CVSS 9.5 | Exploits: 0 | References: 2
CVE (added yesterday)

CVE-2026-12249

Canonical ADSys upstream versions up to v0.16.2 expose a flaw in AD CS auto-enrollment where the vendored Samba client uses plaintext HTTP (GETCACert) to fetch the CA certificate, enabling a network attacker in a MITM position to supply an attacker-controlled Root CA. This leads to automatic enro...

CVSS 9.5 | AI score 6 | Exploits: 0 | References: 2
EUVD (added yesterday)

EUVD-2026-38297

An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active Directory Certificate Services AD CS certificate auto-enrollment via the vendored Samba client script internal/policies/certificate/python/vendorsamba/gp/gpcertautoenrollext.py, ADSys utilizes a plaintext...

CVSS 9.5 | AI score 6 | Exploits: 0 | References: 2
OSV (added 2026/06/05 3:49 p.m.)

OESA-2026-2576 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A flaw was found in Samba's certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and...

CVSS 9.8 | AI score 6.5 | EPSS 0.02803 | Exploits: 7 | References: 5
OSV (added 2026/06/05 3:48 p.m.)

OESA-2026-2575 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A flaw was found in Samba's certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and...

CVSS 9.8 | AI score 6.5 | EPSS 0.02803 | Exploits: 7 | References: 5
OSV (added 2026/06/05 3:48 p.m.)

OESA-2026-2574 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A flaw was found in Samba's certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and...

CVSS 9.8 | AI score 6.5 | EPSS 0.02803 | Exploits: 7 | References: 5
OSV (added 2026/05/27 11:16 a.m.)

ALPINE-CVE-2026-3012

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

CVSS 6.8 | AI score 5.8 | EPSS 0.00188 | Exploits: 0 | References: 1
AlpineLinux (added 2026/05/27 10:2 a.m.)

CVE-2026-3012

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

CVSS 8 | AI score 5.8 | EPSS 0.00188 | Exploits: 0 | References: 7
RedhatCVE (added 2026/05/27 9:26 a.m.)

CVE-2026-3012

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

CVSS 8 | AI score 5.8 | EPSS 0.00188 | Exploits: 0 | References: 4
UbuntuCve (added 2026/05/26 12:0 a.m.)

CVE-2026-3012

auto-enrolment GPO installing CA certificate over http without verification...

CVSS 8 | AI score 5.8 | EPSS 0.00188 | Exploits: 0 | References: 2
Samba (added 2026/05/26 12:0 a.m.)

auto-enrolment GPO installing CA certificate over http

Description If the certificate auto-enrollment GPO is enabled on domain members both in Samba's smb.conf and using Windows GPME tool, a CA certificate may be fetched using a plain HTTP connection and installed in the member computer's trust store. This may give an attacker a chance to intercept t...

CVSS 8 | AI score 5.9 | EPSS 0.00188 | Exploits: 0
OSV (added 2024/03/06 10:52 a.m.)

BIT-EJBCA-2021-40086

An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page that can only be viewed by an administrator. While hidden from direct view, checking the page source would...

CVSS 3.5 | AI score 3.7 | EPSS 0.00542 | Exploits: 0 | References: 2
OSV (added 2021/08/25 2:15 a.m.)

CVE-2021-40086

An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page that can only be viewed by an administrator. While hidden from direct view, checking the page source would...

CVSS 2.2 | AI score 5.8 | EPSS 0.00542 | Exploits: 0 | References: 1
Prion (added 2021/08/25 2:15 a.m.)

Code injection

An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page that can only be viewed by an administrator. While hidden from direct view, checking the page source would...

CVSS 3.5 | AI score 4.2 | EPSS 0.00542 | Exploits: 0 | References: 1 | Affected Software: 1
Cvelist (added 2021/08/25 1:25 a.m.)

CVE-2021-40086

An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the configuration of the aliases for SCEP, CMP, EST, and Auto-enrollment, the enrollment secret was reflected on a page that can only be viewed by an administrator. While hidden from direct view, checking the page source would...

AI score 4.1 | EPSS 0.00542 | Exploits: 0 | References: 1
Positive Technologies (added 2021/08/25 12:0 a.m.)

PT-2021-22796 · Primekey · Primekey Ejbca

Name of the Vulnerable Software and Affected Versions: PrimeKey EJBCA versions prior to 7.6.0 Description: An issue was discovered where the enrollment secret for SCEP, CMP, EST, and Auto-enrollment aliases is reflected on a page, accessible to administrators. Although the secret is hidden from...

CVSS 3.5 | AI score 3.8 | EPSS 0.00542 | Exploits: 0 | References: 3
Tenable Nessus (added 2019/01/02 12:0 a.m.)

SUSE SLES15 Security Update : ovmf (SUSE-SU-2018:4155-1)

This update for ovmf fixes the following issues : Security issues fixed : CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. CVE-2017-5732: Fixed privilege...

CVSS 7.8 | AI score 6.9 | EPSS 0.00441 | Exploits: 0 | References: 16
OPENSUSE Linux (added 2018/12/22 6:9 p.m.)

Security update for ovmf (moderate)

This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...

AI score 3.4 | EPSS 0.00441 | Exploits: 0 | References: 3