Lucene search
K

15 matches found

RedHat Linux
RedHat Linux
added 2026/06/23 1:16 a.m.3 views

samba: Remote Code Execution in SAMR

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS6AI score0.02501EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/23 12:46 a.m.9 views

samba: Remote Code Execution in SAMR

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS6AI score0.02501EPSS
Exploits0References5
NVD
NVD
added 2026/05/28 9:16 a.m.20 views

CVE-2026-4408

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS0.02501EPSS
Exploits0References17
ATTACKERKB
ATTACKERKB
added 2026/05/28 7:25 a.m.11 views

CVE-2026-4408

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS5.9AI score0.02501EPSS
Exploits0References17
Cvelist
Cvelist
added 2026/05/28 7:25 a.m.42 views

CVE-2026-4408 Samba: remote code execution in samr

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9CVSS0.02501EPSS
Exploits0References16
AlpineLinux
AlpineLinux
added 2026/05/28 7:25 a.m.15 views

CVE-2026-4408

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS5.9AI score0.02501EPSS
Exploits0References17
CVE
CVE
added 2026/05/28 7:25 a.m.75 views

CVE-2026-4408

CVE-2026-4408 : Samba remotely executes code due to a misconfiguration in the “check password script” feature when the script uses the %u substitution. The client-supplied username is passed with insufficient escaping of shell meta-characters, enabling remote command execution on affected systems...

9.8CVSS5.9AI score0.02501EPSS
Exploits0References17Affected Software3
RedhatCVE
RedhatCVE
added 2026/05/28 7:18 a.m.15 views

CVE-2026-4408

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS5.8AI score0.02501EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2016-6614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution ...

6.8CVSS7.3AI score0.02347EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:59 a.m.4 views

SUSE CVE-2016-6614

An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. All 4.6.x versions prior...

6.8CVSS6.9AI score0.02347EPSS
Exploits0References4
OSV
OSV
added 2019/01/03 7:29 p.m.2 views

CVE-2018-19505

Remedy AR System Server in BMC Remedy 7.1 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user, because userdata.js in the WOI:WorkOrderConsole component allows a username substitution involving a...

6.5CVSS5.8AI score0.01581EPSS
Exploits2References3
Cvelist
Cvelist
added 2019/01/03 7:0 p.m.23 views

CVE-2018-19505

Remedy AR System Server in BMC Remedy 7.1 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user, because userdata.js in the WOI:WorkOrderConsole component allows a username substitution involving a...

6.4AI score0.01581EPSS
Exploits2References3
OSV
OSV
added 2016/12/11 2:59 a.m.3 views

DEBIAN-CVE-2016-6614

An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. All 4.6.x versions prior...

6.8CVSS7.5AI score0.02347EPSS
Exploits0References1
OSV
OSV
added 2016/12/11 2:59 a.m.4 views

ALPINE-CVE-2016-6614

An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. All 4.6.x versions prior...

6.8CVSS6.8AI score0.02347EPSS
Exploits0References1
OSV
OSV
added 2016/12/11 2:59 a.m.4 views

UBUNTU-CVE-2016-6614

An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. All 4.6.x versions prior...

6.8CVSS6.9AI score0.02347EPSS
Exploits0References3
Rows per page
Query Builder