440 matches found
CVE-2025-10230
A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...
Samba 操作系统命令注入漏洞
Samba is Samba open source a standard Windows interoperability program suite for Linux and Unix. Samba suffers from an operating system command injection vulnerability that stems from a lack of proper validation or escaping of NetBIOS names in front-end WINS hook processing, which could lead to...
PT-2025-45169
Name of the Vulnerable Software and Affected Versions DataEase versions 2.10.14 and below Description DataEase is a data visualization analysis tool. Versions 2.10.14 and below lack proper protection for the dns:// protocol, leading to a Server-Side Request Forgery SSRF condition. The vendor...
PT-2025-44192
Name of the Vulnerable Software and Affected Versions Reolink Video Doorbell Wi-Fi DB 566128M5MP W affected versions not specified Description The Reolink Video Doorbell Wi-Fi DB 566128M5MP W stores and transmits Dynamic DNS DDNS credentials in plaintext within its configuration and update script...
[SECURITY] Fedora 41 Update: sssd-2.11.1-2.fc41
Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...
[SECURITY] Fedora 43 Update: sssd-2.11.1-4.fc43
Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...
Samba OS Command Injection Vulnerability
Samba is Samba open source a standard Windows interoperability program suite for Linux and Unix. Samba suffers from an operating system command injection vulnerability that stems from a lack of proper validation or escaping of NetBIOS names in front-end WINS hook processing, which could lead to...
SUSE-SU-2025:03603-1 Security update for samba
This update for samba fixes the following issues: - CVE-2025-9640: Fixed uninitialized memory disclosure via vfsstreamsxattr bsc1251279. - CVE-2025-10230: Fixed command Injection in WINS server hook script bsc1251280...
UBUNTU-CVE-2025-10230
A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...
EUVD-2003-0172
Malware in sbrugna...
EUVD-2013-5706
Malware in sbrugna...
EUVD-2002-0038
Malware in sbrugna...
EUVD-2008-5670
Malware in sbrugna...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: glibc (UTSA-2025-177646)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-177646 advisory. Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library...
glibc security update
An update is available for glibc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The glibc packages provide the standard C libraries libc, POSIX thread librarie...
EUVD-2023-31931
Malicious code in bioql PyPI...
EUVD-2023-25866
Malicious code in bioql PyPI...
EUVD-2023-2350
Malicious code in bioql PyPI...
EUVD-2024-43740
Malicious code in bioql PyPI...
EUVD-2024-31339
Malicious code in bioql PyPI...