25 matches found
Astra Linux – Vulnerability in Samba
The fixes in 4.6.16, 4.7.9, 4.8.4, and 4.9.7 for CVE-2018-10919, which address the issue of confidential attributes being disclosed via LDAP filters, were insufficient. An attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...
Vulnerabilities found in Microsoft Windows
Microsoft has published measures to address a vulnerability in Windows operating systems that could allow malicious individuals to access data encrypted via BitLocker. The vulnerability involves bypassing a security feature in Windows, known as “YellowKey”. A proof of concept is available that...
April 14, 2026—KB5083768 (OS Build 28000.1836)
April 14, 2026—KB5083768 OS Build 28000.1836 This security update for Windows 11, version 26H1 KB5083768, includes the latest security improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates, optional...
EUVD-2023-12649
Malicious code in bioql PyPI...
August 13, 2024—KB5041782 (OS Build 10240.20751) - EXPIRED
August 13, 2024—KB5041782 OS Build 10240.20751 - EXPIRED EXPIRATION NOTICEIMPORTANT As of January 27, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 12/8/20 For...
Windows update may present users with a BitLocker recovery screen
Some Windows users may see a BitLocker Recovery screen after applying the Microsoft patch Tuesday updates. BitLocker is a Windows security feature that encrypts entire drives. It prevents someone that has obtained a stolen or lost device from reading the files stored on that drive. Unfortunately,...
PT-2024-4733 · Microsoft · Windows Bitlocker +1
Name of the Vulnerable Software and Affected Versions: Windows BitLocker affected versions not specified Description: The issue is related to a security feature bypass vulnerability in the BitLocker data protection function of Windows operating systems. This vulnerability can be exploited by an...
EulerOS Virtualization 2.11.1 : libldb (EulerOS-SA-2023-2727)
According to the versions of the libldb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient an...
EulerOS Virtualization 2.11.0 : libldb (EulerOS-SA-2023-2758)
According to the versions of the libldb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient an...
Huawei EulerOS: Security Advisory for libldb (EulerOS-SA-2023-2650)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 36 : libldb / samba (2023-1c172e3264)
The remote Fedora 36 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-1c172e3264 advisory. Update to ldb 2.5.3 and samba 4.16.10 Security fixes for CVE-2023-0922, CVE-2023-0614 Tenable has extracted the preceding description block directly...
Design/Logic Flaw
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...
CVE-2023-0614
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...
Vulnerabilities fixed in Samba
Samba developers have fixed vulnerabilities in Samba. A malicious party could exploit the vulnerabilities to gain access gain access to sensitive data, or to manipulate data in the underlying Active Directory without being authorized to do so. The vulnerability with attribute CVE-2023-0614 is a f...
samba -- multiple vulnerabilities
The Samba Team reports: An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory. The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset...
UBUNTU-CVE-2023-0614
The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...
August 9, 2022—KB5016684 (Security-only update)
August 9, 2022—KB5016684 Security-only update IMPORTANT Microsoft released update KB5012170 on August 9, 2022. It provides support for Secure Boot Forbidden Signature Database DBX. This is a standalone, security update. Windows 8.1 and newer clients and Windows Server 2012 and newer servers must...
August 9, 2022—KB5016639 (OS Build 10240.19387) - EXPIRED
August 9, 2022—KB5016639 OS Build 10240.19387 - EXPIRED EXPIRATION NOTICEIMPORTAN T As of 9/12/2023, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. NEW...
August 9, 2022—KB5016623 (OS Build 17763.3287)
August 9, 2022—KB5016623 OS Build 17763.3287 NEW 8/26/22IMPORTANT Microsoft released KB5012170 on August 9, 2022. It provides support for Secure Boot Forbidden Signature Database DBX. This is a standalone, security update. Windows 8.1 and newer clients and Windows Server 2012 and newer servers mu...
August 9, 2022—KB5016683 (Security-only update)
August 9, 2022—KB5016683 Security-only update IMPORTANT Microsoft released update KB5012170 on August 9, 2022. It provides support for Secure Boot Forbidden Signature Database DBX. This is a standalone, security update. Windows 8.1 and newer clients and Windows Server 2012 and newer servers must...