Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : curl vulnerabilities (USN-8227-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8227-1 advisory. It was discovered that curl incorrectly reused non-TLS connections when TLS was required in some STARTTLS configurations....

curl: Heap Buffer Over-Read via Malicious SMB Server READ_ANDX Response

================================================================================ DESCRIPTION: ================================================================================ Summary: I discovered a heap buffer over-read vulnerability in libcurl's SMB protocol implementation. A malicious SMB serv...

Low: samba security, bug fix, and enhancement update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version:...

curl: Use-after-free triggered by an HTTP proxy deny response

A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or TELNET protocols,...

UBUNTU-CVE-2022-22995

The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code...

samba bug fix and enhancement update

An update is available for samba. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Samba is an open-source implementation of the Server Message Block SMB protocol...

The vulnerability of the message authentication subsystem of the RPMB protocol in Intel Trusted Execution Engine (TXE) software allows a perpetrator to enhance their privileges.

The vulnerability of the message authentication subsystem of the RPMB protocol in Intel Trusted Execution Engine TXE microprogramming software is related to authentication deficiencies. Exploiting this vulnerability can allow attackers to enhance their privileges...

CentOS 7 : samba (CESA-2017:1950)

An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVE-2013-3219

bitcoind and Bitcoin-Qt 0.8.x before 0.8.1 do not enforce a certain block protocol rule, which allows remote attackers to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product versions...