14 matches found
CVE-2026-43187
A flaw was found in the Linux kernel's XFS filesystem. Incorrect handling of freemap entries when deleting attribute leaf freemap entries can lead to a situation where zero-length freemap entries with a non-zero base are left behind. Subsequent setxattr operations can cause these entries to overl...
EUVD-2018-20556
Malware in sbrugna...
EUVD-2002-0045
Malware in sbrugna...
CVE-2018-8949
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event without attribute UUIDs but attribute IDs set could overwrite an existing attribute...
Amazon Linux 2023 : libnetapi, libnetapi-devel, libsmbclient (ALAS2023-2023-206)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-206 advisory. An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved...
CVE-2023-0225
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory...
CVE-2023-0225
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory...
Fedora 37 : libldb / samba (2023-fca3bfed78)
The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-fca3bfed78 advisory. Update to ldb 2.6.2 and samba 4.17.7 Security fixes for CVE-2023-0225, CVE-2023-0922, CVE-2023-0614 Tenable has extracted the preceding description...
CVE-2023-0225
A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory...
Code injection
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event without attribute UUIDs but attribute IDs set could overwrite an existing attribute...
CVE-2018-8949
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event without attribute UUIDs but attribute IDs set could overwrite an existing attribute...
CVE-2018-8949
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event without attribute UUIDs but attribute IDs set could overwrite an existing attribute...
CVE-2018-8949
CVE-2018-8949 involves MISP before 2.4.89, where a flaw in app/Model/Attribute.php creates an API integrity risk that could let a user delete attributes of other events. A crafted event edit (no attribute UUIDs but with attribute IDs set) could overwrite an existing attribute, potentially impacti...
Несанкционированный доступ в OpenLDAP (unauthorized access)
Пользователь может удалить любой аттрибут...