33 matches found
MiracleLinux 4 : samba4-4.2.10-11.AXS4 (AXSA:2017-2304:03)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2304:03 advisory. It was found that samba did not enforce SMB signing when certain configuration options were enabled. A remote attacker could launch a...
EUVD-2016-5006
Malware in sbrugna...
EUVD-2020-25171
Malware in sbrugna...
EUVD-2024-40856
Malicious code in bioql PyPI...
CVE-2024-44092
There is a possible LCS signing enforcement missing due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2020-3906
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.4. A maliciously crafted application may be able to bypass code signing enforcement...
CVE-2017-12150
...
CVE-2024-44092
CVE-2024-44092 describes a missing LCS signing enforcement caused by test/debugging code left in a production build, potentially enabling local privilege escalation without user interaction. Public materials in this set confirm impact on Google Pixel/Android components, with references in the Pix...
PT-2024-30943 · Google · Android
Name of the Vulnerable Software and Affected Versions: TBD (affected versions not specified). Description: The issue is related to a missing LCS signing enforcement due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution...
PUB-A-345848543
In TBD of TBD, there is a possible LCS signing enforcement missing due to test/debugging code left in a production build. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
OESA-2023-1452 samba security update
Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back...
DEBIAN-CVE-2021-35039
kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument...
OPENSUSE-SU-2021:0776-1 Security update for java-1_8_0-openj9
This update for java-1_8_0-openj9 fixes the following issues: - Update to OpenJDK 8u292 build 10 with OpenJ9 0.26.0 virtual machine. - CVE-2021-2161: Fixed incomplete enforcement of JAR signing disabled algorithms (bsc#1185055). This update was imported from the SUSE:SLE-15-SP2:Update update project...
SUSE-SU-2021:1314-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.11+9 (April 2021 CPU) - CVE-2021-2163: Fixed incomplete enforcement of JAR signing disabled algorithms (bsc#1185055) - CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder...
Design/Logic Flaw
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.4. A maliciously crafted application may be able to bypass code signing enforcement...
CVE-2020-3906
CVE-2020-3906 concerns a logic issue in the macOS TCC component that could allow a maliciously crafted application to bypass code signing enforcement. The vulnerability is fixed in macOS Catalina 10.15.4. Affected: macOS Catalina (and related 10.15.x releases) where TCC logic allowed bypass of si...
EulerOS Virtualization for ARM 64 3.0.1.0 : samba (EulerOS-SA-2019-1408)
According to the versions of the samba packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A null pointer dereference flaw was found in Samba RPC external printer service. An attacker could use this flaw to cau...
ALPINE-CVE-2017-12150
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text...
Apple Mac OS X Security Updates (HT208692)-02
Apple Mac OS X is prone to multiple vulnerabilities.