14 matches found
CVE-2026-43187
A flaw was found in the Linux kernel's XFS filesystem. Incorrect handling of freemap entries when deleting attribute leaf freemap entries can lead to a situation where zero-length freemap entries with a non-zero base are left behind. Subsequent setxattr operations can cause these entries to overl...
EUVD-2002-0045
Malware in sbrugna...
EUVD-2018-20556
Malware in sbrugna...
CVE-2018-8949
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event without attribute UUIDs but attribute IDs set could overwrite an existing attribute...
Amazon Linux 2023 : libnetapi, libnetapi-devel, libsmbclient (ALAS2023-2023-206)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-206 advisory. An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved...
CVE-2023-0225
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory...
CVE-2023-0225
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory...
Fedora 37 : libldb / samba (2023-fca3bfed78)
The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-fca3bfed78 advisory. Update to ldb 2.6.2 and samba 4.17.7 Security fixes for CVE-2023-0225, CVE-2023-0922, CVE-2023-0614 Tenable has extracted the preceding description...
CVE-2023-0225
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory...
CVE-2018-8949
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event without attribute UUIDs but attribute IDs set could overwrite an existing attribute...
Code injection
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event without attribute UUIDs but attribute IDs set could overwrite an existing attribute...
CVE-2018-8949
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event without attribute UUIDs but attribute IDs set could overwrite an existing attribute...
CVE-2018-8949
CVE-2018-8949 involves MISP before 2.4.89, where a flaw in app/Model/Attribute.php creates an API integrity risk that could let a user delete attributes of other events. A crafted event edit (no attribute UUIDs but with attribute IDs set) could overwrite an existing attribute, potentially impacti...
Несанкционированный доступ в OpenLDAP (unauthorized access)
Пользователь может удалить любой аттрибут...