CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

689 matches found

samba: group policy certificate enrollment uses http:// without validation

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

8CVSS5.8AI score0.00251EPSS

Exploits0References5

RedHat Linux•added yesterday•4 views

samba: group policy certificate enrollment uses http:// without validation

8CVSS5.8AI score0.00251EPSS

Exploits0References5

RedHat Linux•added yesterday•4 views

samba: group policy certificate enrollment uses http:// without validation

8CVSS5.8AI score0.00251EPSS

Exploits0References5

RedHat Linux•added yesterday•7 views

samba: group policy certificate enrollment uses http:// without validation

8CVSS5.8AI score0.00251EPSS

Exploits0References5

CVE•added 2026/06/16 6:5 p.m.•12 views

CVE-2026-53863

OpenClaw before 2026.4.25 exposes an input validation vulnerability in tool group policy callers that accept unvalidated group IDs. When a group ID is supplied to the policy resolver, it can lead to incorrect group-policy decisions for tool invocations, potentially bypassing intended access contr...

7.1CVSS5.3AI score0.00169EPSS

Exploits0References2Affected Software1

RedHat Linux•added 2026/06/15 2:59 p.m.•6 views

samba: group policy certificate enrollment uses http:// without validation

8CVSS5.3AI score0.00251EPSS

Exploits0References5

RedHat Linux•added 2026/06/15 2:59 p.m.•7 views

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS5.7AI score0.12797EPSS

Exploits7References6

Rockylinux•added 2026/06/13 12:3 a.m.•21 views

samba security update

An update is available for samba. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Samba is an open-source implementation of the Server Message Block SMB protocol...

9.8CVSS6AI score0.12797EPSS

Exploits8

OSV•added 2026/06/09 6:0 a.m.•9 views

RLSA-2026:22644 Important: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: group policy certificate enrollment uses http://...

9CVSS5.7AI score0.12797EPSS

Exploits7References4

Tenable Nessus•added 2026/06/06 12:0 a.m.•8 views

RHEL 10 : samba (RHSA-2026:22963)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22963 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

9.8CVSS6.2AI score0.12797EPSS

Exploits8References15

RedHat Linux•added 2026/06/03 9:52 p.m.•11 views

samba: group policy certificate enrollment uses http:// without validation

8CVSS5.8AI score0.00251EPSS

Exploits0References5

RedHat Linux•added 2026/06/03 3:28 a.m.•12 views

samba: group policy certificate enrollment uses http:// without validation

8CVSS5.8AI score0.00251EPSS

Exploits0References5

Microsoft Secure•added 2026/05/29 4:0 p.m.•37 views

Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection

As threats become more coordinated and faster to execute, endpoint protection has become the proving ground for modern defense. For the seventh consecutive time, Microsoft has been named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection. We believe this reflects both the...

5.8AI score

Exploits0

Vulnrichment•added 2026/05/27 10:2 a.m.•10 views

CVE-2026-3012 Samba: group policy certificate enrollment uses http:// without validation

8CVSS5.8AI score0.00251EPSS

Exploits0References12

Debian CVE•added 2026/05/27 10:2 a.m.•7 views

CVE-2026-3012

8CVSS5.8AI score0.00251EPSS

Exploits0

CVE•added 2026/05/27 10:2 a.m.•45 views

CVE-2026-3012

CVE-2026-3012 concerns Samba’s certificate auto-enrollment over HTTP without verification. When Group Policy auto-enrollment is enabled, Samba may fetch a CA certificate via unencrypted HTTP and install it into the local trust store without proper validation, enabling a MiTM-style attack to intro...

8CVSS5.8AI score0.00251EPSS

Exploits0References12Affected Software3

Cvelist•added 2026/05/27 10:2 a.m.•40 views

CVE-2026-3012 Samba: group policy certificate enrollment uses http:// without validation

8CVSS0.00251EPSS

Exploits0References12

ATTACKERKB•added 2026/05/27 10:2 a.m.•8 views

CVE-2026-3012

8CVSS5.8AI score0.00251EPSS

Exploits0References13

AlpineLinux•added 2026/05/27 10:2 a.m.•11 views

CVE-2026-3012

8CVSS5.8AI score0.00251EPSS

Exploits0References12

CNNVD•added 2026/05/27 12:0 a.m.•9 views

Samba 数据伪造问题漏洞

Samba is an open-source suite of standard Windows interoperability programs for Linux and Unix systems. Samba has a vulnerability related to data falsification, which stems from the automatic certificate registration group policy processing. This process involves retrieving CA certificates via...

8CVSS5.8AI score0.00251EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by