CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

604 matches found

CVE•added 2023/01/10 12:0 a.m.•140 views

CVE-2023-21728

Technical details about CVE-2023-21728 are not publicly provided in the supplied documents. Please monitor for updates from official sources.

7.5CVSS7.5AI score0.01978EPSS

Exploits0References1Affected Software15

CNNVD•added 2023/01/10 12:0 a.m.•3 views

Microsoft Windows Netlogon 安全漏洞

Microsoft Windows Netlogon is an important component of Windows from Microsoft Corporation USA, whose main functions are authentication of users and machines on intra-domain networks and replication of databases for domain-controlled backups, as well as maintenance of domain member-to-domain,...

7.5CVSS7.5AI score0.01978EPSS

Exploits0References5

Kaspersky•added 2023/01/10 12:0 a.m.•95 views

KLA20158 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of...

9.1CVSS9.7AI score0.41538EPSS

Exploits3References63

Positive Technologies•added 2023/01/10 12:0 a.m.•2 views

PT-2023-1132 · Microsoft · Windows Netlogon +1

Name of the Vulnerable Software and Affected Versions: Windows Netlogon affected versions not specified Description: The issue is related to insufficient input validation in the Windows Netlogon service, which can be exploited by a remote attacker to cause a denial of service. This allows attacke...

7.8CVSS8.9AI score0.01978EPSS

Exploits0References8

Tenable Nessus•added 2023/01/04 12:0 a.m.•32 views

Amazon Linux 2 : samba, --advisory ALAS2-2021-1649 (ALAS-2021-1649)

The version of samba installed on the remote host is prior to 4.10.16-13. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1649 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

5.6AI score

Exploits0References2

Tenable Nessus•added 2023/01/04 12:0 a.m.•284 views

Samba < 4.15.13 / 4.16.x < 4.16.8 / 4.17.x < 4.17.4 Multiple Vulnerabilities

The version of Samba running on the remote host is prior to 4.15.13, 4.16.x prior to 4.16.8, or 4.17.x prior to 4.17.4. It is, therefore, affected by multiple vulnerabilities: - Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability. CVE-2022-37966, CVE-2022-45141 - Windows Kerberos...

9.8CVSS7.2AI score0.04488EPSS

Exploits0References9

OpenVAS•added 2023/01/03 12:0 a.m.•32 views

SUSE: Security Advisory (SUSE-SU-2023:0014-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.5AI score0.04488EPSS

Exploits0References7

Tenable Nessus•added 2023/01/03 12:0 a.m.•47 views

SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2023:0014-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0014-1 advisory. - Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability CVE-2022-37966 - Windows Kerberos Elevation o...

8.1CVSS7.2AI score0.04488EPSS

Exploits0References11

OSV•added 2023/01/02 6:6 p.m.•11 views

SUSE-SU-2023:0014-1 Security update for samba

This update for samba fixes the following issues: Update to 4.15.13 - CVE-2022-37966 rc4-hmac Kerberos session keys issued to modern servers bsc1205385. - CVE-2022-37967 Kerberos constrained delegation ticket forgery possible against Samba AD DC bsc1205386. - CVE-2022-38023 RC4/HMAC-MD5 NetLogon...

8.1CVSS7.6AI score0.04488EPSS

Exploits0References8

F5 Networks•added 2022/12/29 11:27 p.m.•3 views

K000130414: Samba vulnerability CVE-2022-38023

Security Advisory Description Netlogon RPC Elevation of Privilege Vulnerability. CVE-2022-38023 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases for potential vulnerability...

8.1CVSS6.9AI score0.02559EPSS

Exploits0

Tenable Nessus•added 2022/12/21 12:0 a.m.•46 views

Fedora 36 : samba (2022-7f9021ead1)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-7f9021ead1 advisory. Security fixes for CVE-2022-37966, CVE-2022-37967 and CVE-2022-38023 Tenable has extracted the preceding description block directly from the Fedora...

8.1CVSS7.2AI score0.04488EPSS

Exploits0References4

OpenVAS•added 2022/12/19 12:0 a.m.•29 views

Samba Multiple Vulnerabilities (Dec 2022)

Samba is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS8.1AI score0.04488EPSS

Exploits0References3

The Hacker News•added 2022/12/17 6:54 a.m.•90 views

Samba Issues Security Updates to Patch Multiple High-Severity Vulnerabilities

Samba has released software updates to remediate multiple vulnerabilities that, if successfully exploited, could allow an attacker to take control of affected systems. The high-severity flaws, tracked as CVE-2022-38023, CVE-2022-37966, CVE-2022-37967, and CVE-2022-45141, have been patched in...

9.8CVSS3AI score0.04488EPSS

Exploits0

Tenable Nessus•added 2022/12/17 12:0 a.m.•46 views

Slackware Linux 15.0 / current samba Multiple Vulnerabilities (SSA:2022-351-01)

The version of samba installed on the remote host is prior to 4.15.13 / 4.17.4. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-351-01 advisory. - Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022...

9.8CVSS7.3AI score0.04488EPSS

Exploits0References4

RedhatCVE•added 2022/12/16 6:5 p.m.•67 views

CVE-2022-38023

A flaw was found in samba. The Netlogon RPC implementations may use the rc4-hmac encryption algorithm, which is considered weak and should be avoided even if the client supports more modern encryption types. This issue could allow an attacker who knows the plain text content communicated between...

8.1CVSS8AI score0.02559EPSS

Exploits0References4

ALT Linux•added 2022/12/15 12:0 a.m.•51 views

Security fix for the ALT Linux 10 package samba version 4.16.8-alt1

Dec. 15, 2022 Evgeny Sinelnikov 4.16.8-alt1 - Update to maintenance release of Samba 4.16 with fixes of the Samba CVE for the Windows Kerberos Elevation of Privilege Vulnerability disclosed by Microsoft on Nov 8 2022 CVE-2022-37967, CVE-2022-37966. - Security fixes: + CVE-2022-37966: A Samba Acti...

7.6AI score0.04488EPSS

Exploits0

Samba•added 2022/12/15 12:0 a.m.•122 views

RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided

Description This is Samba's response to Microsoft's CVE-2022-3802312. Following RFC8429 and as has been published for CVE-2022-3938, rc4-hmac also known as arcfour-hmac-md5 cryptography in Kerberos is weak, then it follows that the RC4 mode in the NETLOGON Secure Channel DCE/RPC bulk encryption i...

8.1CVSS7.4AI score0.02559EPSS

Exploits0

BDU FSTEC•added 2022/11/17 12:0 a.m.•6 views

The vulnerability of the Netlogon Remote Protocol (MS-NRPC) implementation in Windows operating systems allows a hacker to increase their privileges.

The vulnerability of the Netlogon Remote Protocol MS-NRPC implementation in Windows operating systems is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

8.1CVSS6.8AI score0.02559EPSS

Exploits0References11Affected Software4