CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation...

CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation...

USN-5174-2 samba regression

USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/showbug.cgi?id=14922 This update fixes the problem. Original advisory...

USN-5174-1 samba vulnerabilities

Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. CVE-2016-2124 Andrew Bartlett discovered that Samba incorrectly mapping domain users to local users. An...

CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation...

Simplifying the complex: Introducing Privacy Management for Microsoft 365

The data privacy regulation landscape is more complex than ever. With new laws emerging in countries like China and India, shifts in Europe and the United Kingdom, and currently 26 different laws across the United States, staying ahead of regulations can feel impossible. But this work is...

Palo Alto Expedition Cross-Site Scripting

Multiple cross-site scripting XSS vulnerability exists in Palo ALto Expedition Migration Tool in versions less than or equal to 1.1.8 due to improper validation of user-supplied input before returning it to users. - An authenticated remote attacker may be able to inject arbitrary JavaScript or HT...

CVE-2019-1567

The Expedition Migration tool 1.1.6 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings...

CVE-2019-1567

The Expedition Migration tool 1.1.6 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings...

Design/Logic Flaw

The Expedition Migration tool 1.1.6 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings...

CVE-2019-1567

The Expedition Migration tool 1.1.6 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings...

CVE-2019-1567

The CVE-2019-1567 issue affects Palo Alto Expedition Migration Tool (1.1.x and earlier). Affected component: User Mapping Settings. Root cause: improper validation/exposure allowing an authenticated attacker to inject arbitrary JavaScript or HTML (stored XSS). Impact: attacker can execute script ...

CVE-2019-1569

The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user...

Design/Logic Flaw

The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user...

CVE-2019-1569

The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user...

CVE-2019-1569

The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user...

Stored Cross-Site Scripting in Expedition Migration Tool

A stored cross-site scripting XSS vulnerability exists in the Palo Alto Networks Migration Tool “Expedition”. Ref MT-908/ CVE-2019-1567 Successful exploitation of this issue may allow an authenticated attacker to inject arbitrary JavaScript or HTML in the User Mapping Settings. This issue affects...

Security update for postgresql95 (important)

This update for postgresql95 fixes the following issues: Upate to PostgreSQL 9.5.11: Security issues fixed: https://www.postgresql.org/docs/9.5/static/release-9-5-11.html CVE-2018-1053, boo1077983: Ensure that all temporary files made by pgupgrade are non-world-readable. boo1079757: Rename...

openSUSE Security Update : postgresql94 (openSUSE-2017-1020)

This update for postgresql94 fixes the following issues : - CVE-2017-7547: Further restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1051685 - CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. bsc1051684 -...

Security update for postgresql94 (important)

This update for postgresql94 fixes the following issues: CVE-2017-7547: Further restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1051685 CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. bsc1051684...