CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в samba

A design flaw was identified in Samba’s DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users with the GETCHANGES permission to access all attributes, including sensitive...

7.5CVSS6.8AI score0.00397EPSS

Exploits0References2

OpenVAS•added 2024/03/21 12:0 a.m.•17 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2024-1408)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.00578EPSS

Exploits0References2

Tenable Nessus•added 2024/02/20 12:0 a.m.•31 views

GLSA-202402-28 : Samba: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202402-28 Samba: Multiple Vulnerabilities - An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and...

9.8CVSS6.8AI score0.19204EPSS

Exploits2References15

Tenable Nessus•added 2024/01/16 12:0 a.m.•24 views

EulerOS 2.0 SP11 : samba (EulerOS-SA-2023-3258)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS...

7.5CVSS6.8AI score0.00578EPSS

Exploits0References4

OpenVAS•added 2023/12/12 12:0 a.m.•17 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2023-3258)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.00578EPSS

Exploits0References2

Cloud Foundry•added 2023/11/09 12:0 a.m.•34 views

USN-6425-1: Samba vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Sri Nagasubramanian discovered that the Samba aclxattr VFS module incorrectly handled read-only files. When Samba is configured to ignore system ACLs, a remote attacker could possibly use this issue to...

7.5CVSS7.5AI score0.00578EPSS

Exploits0Affected Software2

OSV•added 2023/11/07 8:15 p.m.•1 views

AZL-37026 CVE-2023-4154 affecting package samba 4.18.3-2

A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs. This flaw allows RODCs and users possessing the GETCHANGES right to access all attributes, including sensitive...

6.5CVSS6.7AI score0.00397EPSS

Exploits0References1

NVD•added 2023/11/07 8:15 p.m.•20 views

CVE-2023-4154

7.5CVSS0.00397EPSS

Exploits0References5

ATTACKERKB•added 2023/11/07 8:15 p.m.•1 views

CVE-2023-4154

7.5CVSS6.7AI score0.00397EPSS

Exploits0References6

OSV•added 2023/11/07 8:15 p.m.•1 views

AZL-31955 CVE-2023-4154 affecting package samba 4.12.5-7

6.5CVSS6.7AI score0.00397EPSS

Exploits0References1

OSV•added 2023/11/07 8:15 p.m.•19 views

CVE-2023-4154

6.5CVSS6.3AI score0.00397EPSS

Exploits0References5

OSV•added 2023/11/07 8:15 p.m.•1 views

ALPINE-CVE-2023-4154

6.5CVSS6.7AI score0.00397EPSS

Exploits0References1

OSV•added 2023/11/07 8:15 p.m.•1 views

DEBIAN-CVE-2023-4154

6.5CVSS6.7AI score0.00397EPSS

Exploits0References1

Prion•added 2023/11/07 8:15 p.m.•22 views

Design/Logic Flaw

4CVSS6.8AI score0.00397EPSS

Exploits0References5Affected Software1

Debian CVE•added 2023/11/07 7:14 p.m.•47 views

CVE-2023-4154

7.5CVSS6.7AI score0.00397EPSS

Exploits0

CVE•added 2023/11/07 7:14 p.m.•228 views

CVE-2023-4154

Samba CVE-2023-4154 describes a DirSync control flaw that exposes domain passwords/secrets to privileged users and RODCs, allowing access to all attributes (including krbtgt) and potentially bypassing the RODC/DC boundary. Exploitation is indicated as network-exploitable with low privileges and n...

7.5CVSS6.8AI score0.00397EPSS

Exploits0References5Affected Software1

Veracode•added 2023/10/19 2:47 p.m.•34 views

Privilege Escalation

samba is vulnerable to Privilege Escalation. A design flaw in the Samba DirSync control implementation that exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers RODCs allows RODCs and users possessing the GETCHANGES right to access all attributes,...

7.5CVSS6.7AI score0.00397EPSS

Exploits0References6Affected Software1

SUSE CVE•added 2023/10/12 2:36 p.m.•1 views

SUSE CVE-2023-4154

7.5CVSS6.8AI score0.00397EPSS

Exploits0References12

Ubuntu•added 2023/10/11 8:11 p.m.•96 views

USN-6425-2: Samba regression

USN-6425-1 fixed vulnerabilities in Samba. Due to a build issue on Ubuntu 20.04 LTS, the update introduced regressions in macro handling and possibly other functionality. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Sri Nagasubramanian discovered...

7AI score

Exploits0References1

RedhatCVE•added 2023/10/11 11:12 a.m.•45 views

CVE-2023-4154

7.5CVSS6.8AI score0.00397EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by