Lucene search
K

38 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in Samba

The fixes in 4.6.16, 4.7.9, 4.8.4, and 4.9.7 for CVE-2018-10919, which address the issue of confidential attributes being disclosed via LDAP filters, were insufficient. An attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...

7.7CVSS6.5AI score0.00567EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-12649

Malicious code in bioql PyPI...

7.7CVSS6.1AI score0.00567EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2024/10/15 7:0 a.m.3 views

The fix in 4.6.16 4.7.9 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.

...

7.7CVSS6.5AI score0.02195EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/09/11 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for libldb (EulerOS-SA-2023-2727)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS7AI score0.00567EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/09/11 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for libldb (EulerOS-SA-2023-2758)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS7AI score0.00567EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/09/05 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for libldb (EulerOS-SA-2023-2650)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.7CVSS7AI score0.00567EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/16 12:0 a.m.28 views

Fedora 36 : libldb / samba (2023-1c172e3264)

The remote Fedora 36 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-1c172e3264 advisory. Update to ldb 2.5.3 and samba 4.16.10 Security fixes for CVE-2023-0922, CVE-2023-0614 Tenable has extracted the preceding description block directly...

7.7CVSS6.8AI score0.00567EPSS
Exploits0References3
Prion
Prion
added 2023/04/03 11:15 p.m.32 views

Design/Logic Flaw

The fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC...

4CVSS6.2AI score0.02195EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2023/04/03 12:0 a.m.274 views

CVE-2023-0614

CVE-2023-0614 affects Samba’s AD DC LDAP server, where incomplete remediation in the fixes for CVE-2018-10919 left the system vulnerable to confidential attribute disclosure via LDAP filters. Public details in connected documents show that Samba versions prior to 4.6.16, 4.7.9, and 4.8.4 remain a...

7.7CVSS6.4AI score0.00567EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/03/30 12:0 a.m.28 views

SUSE SLES15 Security Update : ldb, samba (SUSE-SU-2023:1687-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1687-1 advisory. - A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a...

7.7CVSS6.6AI score0.02195EPSS
Exploits0References14
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.25 views

Debian: Security Advisory (DLA-1539-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.8AI score0.04302EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2018:2318-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.9AI score0.10839EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2018:3161-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.02195EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-2484)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.8AI score0.02195EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.41 views

Security Bulletin: Multiple Vulnerabilities in Samba affect IBM i

Summary Samba is supported on IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-10918 DESCRIPTION: Samba is vulnerable to a denial of service, caused by a NULL pointer dereference when checking database outputs from the LDB database layer. If Samba is in an...

8.8CVSS1.2AI score0.10839EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/12/04 12:0 a.m.33 views

EulerOS 2.0 SP2 : samba (EulerOS-SA-2019-2484)

According to the version of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated...

6.5CVSS6.7AI score0.02195EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/26 7:0 p.m.29 views

Security Bulletin: Multiple Samba vulnerabilities affect IBM Spectrum Protect Plus (CVE-2018-1139, CVE-2018-1140, CVE-2018-10858, CVE-2018-10918, CVE-2018-10919)

Summary There are multiple security vulnerabilities in Samba that affect IBM Spectrum Protect Plus. These vulnerabilities may result in potential information disclosure, denial of service, or execution of arbitrary code on the system. Vulnerability Details CVEID: CVE-2018-1139 DESCRIPTION: Samba...

8.8CVSS1AI score0.10839EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.34 views

Fedora 28 : 2:samba / libldb (2018-bc22d6c7bc)

Update to Samba 4.8.4, Security fix for CVE-2018-1139, CVE-2018-1140, CVE-2018-10858, CVE-2018-10918, CVE-2018-10919 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...

8.8CVSS6.5AI score0.10839EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/01/02 12:0 a.m.34 views

SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2018:2318-1)

This update for samba fixes the following issues: The following security vulnerabilities were fixed : - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; bsc1095048 - CVE-2018-1140: ldbsearch 'distinguishedName=abc' and DNS query with escapes crashes; bsc1095056 - CVE-2018-10919:...

8.8CVSS6.9AI score0.10839EPSS
Exploits0References16
Mageia
Mageia
added 2018/10/30 6:1 p.m.49 views

Updated samba packages fix security vulnerabilities

Updated samba packages fix security vulnerabilities: A malicious server could return a directory entry that could corrupt libsmbclient memory CVE-2018-10858. Missing access control checks allow discovery of confidential attribute values via authenticated LDAP search expressions CVE-2018-10919. Th...

8.8CVSS3.1AI score0.04302EPSS
Exploits0References7
Rows per page
Query Builder