13 matches found
Astra Linux - уязвимость в samba
A flaw was discovered in Samba. The security vulnerability occurs when the KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other’s tickets. A user who has been requested to change their password can exploit this flaw to obtain and use tickets for...
PaperCut NG < 25.0.11 Path Traversal (CVE-2026-6418)
The version of PaperCut NG installed on the remote Windows host is prior to 25.0.11. It is, therefore, affected by a vulnerability: - A path traversal vulnerability exists in the Shared Account Synchronization component of PaperCut NG/MF. Due to a lack of proper path validation and sanitization, ...
PaperCut MF < 25.0.11 Path Traversal (CVE-2026-6418)
The version of PaperCut MF installed on the remote Windows host is prior to 25.0.11. It is, therefore, affected by a vulnerability: - A path traversal vulnerability exists in the Shared Account Synchronization component of PaperCut NG/MF. Due to a lack of proper path validation and sanitization, ...
CVE-2026-6418
PaperCut MF (version 25.0.4) Shared Account Synchronization contains a path traversal in which an authenticated administrator can specify arbitrary local file paths for account data synchronization due to insufficient path validation and sanitization. When the synchronization runs, the system par...
CVE-2026-6418 PaperCut NG/MF: Path Traversal in Shared Account Synchronization
An issue was discovered in the Shared Account Synchronization component of PaperCut MF version 25.0.4. The application allows administrative users to configure a source path for account data synchronization. Due to a lack of proper path validation and sanitization, an authenticated user with...
CVE-2026-6418 PaperCut NG/MF: Path Traversal in Shared Account Synchronization
An issue was discovered in the Shared Account Synchronization component of PaperCut MF version 25.0.4. The application allows administrative users to configure a source path for account data synchronization. Due to a lack of proper path validation and sanitization, an authenticated user with...
PT-2026-36983
Name of the Vulnerable Software and Affected Versions PaperCut MF version 25.0.4 Description An issue in the Shared Account Synchronization component allows authenticated administrative users to specify arbitrary file paths on the local file system due to insufficient path validation and...
CVE-2025-2324 A MOVEit Transfer user configured as a Shared Account can gain unintended List permissions on a folder
Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer SFTP module allows Privilege Escalation.This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.12, from 2024.0.0 before 2024.0.8, from 2024.1.0 before 2024.1.2...
CVE-2025-2324 A MOVEit Transfer user configured as a Shared Account can gain unintended List permissions on a folder
Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer SFTP module allows Privilege Escalation.This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.12, from 2024.0.0 before 2024.0.8, from 2024.1.0 before 2024.1.2...
Samba 授权问题漏洞
Samba is the standard Windows interoperability suite of programs for Linux and Unix. An authorization issue vulnerability exists in Samba versions prior to 4.16.4, which stems from the KDC and kpasswd services sharing an account and a set of keys, which in some cases makes both services vulnerabl...
CVE-2017-12191
A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC VMWare Remote Console functions that may not be appropriate for users of CloudForms and thus this account. An attacker could use this vulnerability t...
CFME: VMRC plugin console grants users administrative access
A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC VMWare Remote Console functions that may not be appropriate for users of CloudForms and thus this account. An attacker could use this vulnerability t...
PT-2018-5381 · Red Hat · Cloudforms
Name of the Vulnerable Software and Affected Versions: CloudForms affected versions not specified Description: A flaw was found in the CloudForms account configuration when using VMware, where a shared account with privileged access to VMRC functions is used by default. This could allow an attack...