45 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in Samba

The Samba AD DC administration tool, when working against a remote LDAP server, will, by default, send new or reset passwords over a signed-only connection...

CVSS 5.9 | AI score 6.7 | EPSS 0.00484
Exploits 0 | References 2

AstraLinux
added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - Vulnerability in heimdal

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11, and 4.11.x before 4.11.3 have an issue where the S4U MS-SFU Kerberos delegation model includes a feature that allows a subset of clients to be opted out of constrained delegation in either S4U2Self or regular Kerberos authentication...

CVSS 6.4 | AI score 6.4 | EPSS 0.02783
Exploits 0 | References 1

AstraLinux
added 2026/05/20 5:53 a.m. | 10 views

Astra Linux - Vulnerability in samba

The fixes in 4.6.16, 4.7.9, 4.8.4, and 4.9.7 for CVE-2018-10919, which address the issue of confidential attributes being disclosed via LDAP filters, were insufficient. An attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...

CVSS 7.7 | AI score 6.7 | EPSS 0.00567
Exploits 0 | References 2

OSV
added 2026/03/09 10:1 a.m. | 6 views

CLSA-2026-1773050498 Fix CVE(s): CVE-2025-10230

SECURITY UPDATE: remote command execution via unsanitized WINS hook NetBIOS name handling in Samba AD DC - debian/patches/CVE-2025-10230.patch: validate NetBIOS names in source4 WINS hook to prevent shell metacharacter injection - debian/patches/CVE-2025-10230-test.patch: add torture tests for WI...

CVSS 10 | AI score 7.6 | EPSS 0.39677
Exploits 2 | References 1

Tenable Nessus
added 2026/01/20 12:0 a.m. | 4 views

MiracleLinux 7 : ipa-4.6.8-5.10.0.1.el7.AXS7 (AXSA:2021-2791:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2791:05 advisory. samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets CVE-2020-25719 Tenable has extracted the preceding description block directly...

CVSS 9 | AI score 8 | EPSS 0.01673
Exploits 0 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2021-26962

Malware in sbrugna...

CVSS 6.5 | AI score 6.5 | EPSS 0.01731
Exploits 0 | References 13

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-48056

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 6.6 | EPSS 0.00454
Exploits 0 | References 6

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-12649

Malicious code in bioql PyPI...

CVSS 7.7 | AI score 6.1 | EPSS 0.00567
Exploits 0 | References 6

Tenable Nessus
added 2025/08/20 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2020-25719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC could become...

CVSS 9 | AI score 6.7 | EPSS 0.01673
Exploits 0 | References 2

Tenable Nessus
added 2025/03/05 12:0 a.m. | 11 views

Linux Distros Unpatched Vulnerability : CVE-2022-45141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is...

CVSS 9.8 | AI score 6.8 | EPSS 0.00454
Exploits 0 | References 2

Microsoft CVE
added 2024/10/15 12:0 a.m. | 3 views

CVE-2020-25722

...

CVSS 8.8 | AI score 7.3 | EPSS 0.01581
Exploits 0

Microsoft CVE
added 2024/10/15 12:0 a.m. | 4 views

CVE-2022-45141

...

CVSS 9.8 | AI score 6.8 | EPSS 0.00454
Exploits 0

OpenVAS
added 2023/05/08 12:0 a.m. | 24 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2023-1769)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8 | AI score 9.6 | EPSS 0.00454
Exploits 0 | References 2

Vulnrichment
added 2023/04/03 12:0 a.m. | 4 views

CVE-2023-0614

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure via LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...

AI score 6.6 | EPSS 0.00567
Exploits 0 | References 4

SUSE CVE
added 2023/03/30 1:45 a.m. | 2 views

SUSE CVE-2023-0614

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure via LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...

CVSS 6.5 | AI score 6.8 | EPSS 0.00567
Exploits 0 | References 11

OSV
added 2023/03/29 12:0 a.m. | 1 views

UBUNTU-CVE-2023-0922

The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection...

CVSS 5.9 | AI score 6.8 | EPSS 0.00484
Exploits 0 | References 4

OSV
added 2023/03/29 12:0 a.m. | 0 views

UBUNTU-CVE-2023-0614

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure via LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...

CVSS 7.7 | AI score 6.7 | EPSS 0.00567
Exploits 0 | References 5

NVD
added 2023/03/06 11:15 p.m. | 48 views

CVE-2022-45141

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

CVSS 9.8 | AI score 9.4 | EPSS 0.00454
Exploits 0 | References 2

OSV
added 2023/03/06 11:15 p.m. | 6 views

ALPINE-CVE-2022-45141

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

CVSS 9.8 | AI score 6.8 | EPSS 0.00454
Exploits 0 | References 1

Prion
added 2023/03/06 11:15 p.m. | 42 views

Privilege escalation

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...

CVSS 7.5 | AI score 8.7 | EPSS 0.00454
Exploits 0 | References 2 | Affected Software 1