CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•7 views

Astra Linux - уязвимость в samba

A flaw was discovered in Samba, particularly in the handling of the front-end WINS hook: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets is inserted into shell commands and executed b...

10CVSS7.6AI score0.00486EPSS

Exploits2References2

OSV•added 2025/11/07 8:15 p.m.•0 views

AZL-69782 CVE-2025-10230 affecting package samba 4.12.5-7

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...

10CVSS7.5AI score0.00486EPSS

Exploits2References1

OSV•added 2025/11/07 8:15 p.m.•3 views

AZL-69830 CVE-2025-10230 affecting package samba 4.18.3-2

10CVSS7.5AI score0.00486EPSS

Exploits2References1

NVD•added 2025/11/07 8:15 p.m.•2 views

CVE-2025-10230

10CVSS0.00486EPSS

Exploits2References5

OSV•added 2025/11/07 8:15 p.m.•2 views

ALPINE-CVE-2025-10230

10CVSS7.1AI score0.00486EPSS

Exploits2References1

EUVD•added 2025/11/07 7:42 p.m.•2 views

EUVD-2025-38301

10CVSS6.4AI score0.00486EPSS

Exploits2References4

Cvelist•added 2025/11/07 7:42 p.m.•7 views

CVE-2025-10230 Samba: command injection in wins server hook script

10CVSS0.00486EPSS

Exploits2References3

AlpineLinux•added 2025/11/07 7:42 p.m.•9 views

CVE-2025-10230

10CVSS6.9AI score0.00486EPSS

Exploits2

CVE•added 2025/11/07 7:42 p.m.•63 views

CVE-2025-10230

CVE-2025-10230 involves Samba’s front-end WINS hook where NetBIOS names from registration packets are inserted into a shell without proper validation or escaping, enabling unauthenticated remote code execution as the Samba process. The issue is rooted in unsanitized NetBIOS data in WINS registrat...

10CVSS6.7AI score0.00486EPSS

Exploits2References5

Tenable Nessus•added 2025/11/05 12:0 a.m.•4 views

Samba WINS hook RCE (CVE-2025-10230)

In the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active Directory Domain Controller's...

10CVSS7.5AI score0.00486EPSS

Exploits2References2

Tenable Nessus•added 2025/10/27 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2025-10230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or...

10CVSS6AI score0.00486EPSS

Exploits2References2

Tenable Nessus•added 2025/10/21 12:0 a.m.•1 views

SUSE SLES15 Security Update : samba (SUSE-SU-2025:3677-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3677-1 advisory. - CVE-2025-9640: Fixed vfsstreamsxattr uninitialized memory write bsc1251279. - CVE-2025-10230: Fixed command Injection in WINS...

10CVSS5.7AI score0.00486EPSS

Exploits2References7

Ubuntu•added 2025/10/20 6:5 a.m.•3 views

USN-7826-2: Samba vulnerabilities

USN-7826-1 fixed vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Andrew Walker discovered that Samba incorrectly initialized memory in the vfsstreamsxattr module. An...

10CVSS5.6AI score0.00486EPSS

Exploits2

OSV•added 2025/10/20 6:5 a.m.•0 views

USN-7826-2 samba vulnerabilities

10CVSS7.4AI score0.00486EPSS

Exploits2References3

GithubExploit•added 2025/10/19 3:30 p.m.•330 views

Exploit for CVE-2025-10230

CVE-2025-10230 PoC for CVE-2025-10230 - Samb...

7.2AI score0.00486EPSS

Exploits2

SUSE CVE•added 2025/10/16 11:38 p.m.•2 views

SUSE CVE-2025-10230

10CVSS6.9AI score0.00486EPSS

Exploits2References11

Ubuntu•added 2025/10/16 7:48 a.m.•2 views

USN-7826-1: Samba vulnerabilities

Andrew Walker discovered that Samba incorrectly initialized memory in the vfsstreamsxattr module. An authenticated attacker could possibly use this issue to obtain sensitive information. CVE-2025-9640 Igor Morgenstern discovered that Samba incorrectly handled names passed to the WINS hook program...

10CVSS5.4AI score0.00486EPSS

Exploits2

OSV•added 2025/10/16 7:48 a.m.•1 views

USN-7826-1 samba vulnerabilities

10CVSS7.3AI score0.00486EPSS

Exploits2References3

SUSE Linux•added 2025/10/16 7:37 a.m.•4 views

Security update for samba

This update for samba fixes the following issues: CVE-2025-9640: Fixed uninitialized memory disclosure via vfsstreamsxattr bsc1251279. CVE-2025-10230: Fixed command Injection in WINS server hook script bsc1251280. Patch Instructions: To install this SUSE update use the SUSE recommended installati...

10CVSS7.1AI score0.00486EPSS

Exploits2References8

OpenVAS•added 2025/10/16 12:0 a.m.•3 views

Samba Command Injection Vulnerability (CVE-2025-10230)

Samba is prone to a command injection vulnerability via WINS server hook script. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

10CVSS7.5AI score0.00486EPSS

Exploits2References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by