485964 matches found
Important: Red Hat Security Advisory: samba security update
An update for samba is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syste...
samba: Samba: Remote Code Execution in printing subsystem via unescaped job description
A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...
samba: Remote Code Execution in SAMR
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...
samba: Samba: Remote Code Execution in printing subsystem via unescaped job description
A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...
Important: Red Hat Security Advisory: samba security update
An update for samba is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...
CVE-2026-39253
An issue in Pivotal CRM v.6.6.04.08 allows a remote attacker to execute arbitrary code via the Pivotal.Core.Common.dll and Pivotal.Engine.Client.Services.Conversion.dll components...
CVE-2026-52673
SQL Injection vulnerability in Cboard v.0.4.2 and before allows a remote attacker to execute arbitrary code via the getDimensionsValues component...
PT-2026-51474
Name of the Vulnerable Software and Affected Versions expr-eval affected versions not specified Description Code Execution is possible via the 'toJSFunction' API. An attacker can execute arbitrary JavaScript by supplying crafted expressions that are compiled into native code using new Function...
CVE-2026-52673
CVE-2026-52673 affects Cboard
RHEL 9 : samba (RHSA-2026:28053)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28053 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...
VulnCheck KEV: CVE-2026-6433
The Custom css-js-php WordPress plugin through 2.0.7 does not properly sanitize user input before using it in a SQL query, and the result is passed to eval, allowing unauthenticated users to execute arbitrary PHP code on the server...
VulnCheck KEV: CVE-2025-12352
The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the copypostimage function in all versions up to, and including, 2.9.20. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's serv...
CVE-2026-39253
An issue in Pivotal CRM v.6.6.04.08 allows a remote attacker to execute arbitrary code via the Pivotal.Core.Common.dll and Pivotal.Engine.Client.Services.Conversion.dll components...
PT-2026-51547
Name of the Vulnerable Software and Affected Versions Language Servers for AWS versions prior to 1.65.0 Description Improper trust boundary enforcement in the Model Context Protocol MCP server configurations within Amazon Q Developer allows for arbitrary code execution. If a local user opens a...
RHEL 7 : samba (RHSA-2026:28132)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28132 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...
Linux Distros Unpatched Vulnerability : CVE-2026-49241
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. Prior to 21.2.4, the client-side Angular Language Servi...
CVE-2026-39253
CVE-2026-39253 affects Pivotal CRM v6.6.04.08. The vulnerability enables a remote attacker to execute arbitrary code via the components Pivotal.Core.Common.dll and Pivotal.Engine.Client.Services.Conversion.dll , caused by insecure deserialization (CWE-502). The CVSSv3.1 base score is 8.1 (HIGH) w...
PT-2026-51641
Name of the Vulnerable Software and Affected Versions mise versions 2026.3.15 through 2026.6.3 Description mise loads the github.credential command setting from local project configuration files before any trust decision is made. When resolving a GitHub token, the software executes the value of...
PT-2026-51652
An integer overflow in the PSD parser compnent of FastStone Image Viewer v8.3 allows attackers to execute arbitrary code or cause a Denial of Service DoS via supplying a crafted PSD file...
RHEL 8 : samba (RHSA-2026:28056)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28056 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...