29 matches found

Positive Technologies
•added 2026/05/05 12:0 a.m.•8 views

PT-2026-37304

Name of the Vulnerable Software and Affected Versions: Link Preview JS versions prior to 4.0.1. Description: The library fails to check for IPv6 loopback attacks and is susceptible to DNS attacks where an address can be resolved into an internal IP. These issues may lead to internal data leaks...

CVSS 8.7 • AI score 5.8 • EPSS 0.00432
Exploits 0 • References 7

OSV
•added 2026/04/27 8:18 p.m.•4 views

CLSA-2026-1777321102 Fix CVE(s): CVE-2022-26923, CVE-2022-32743

SECURITY UPDATE: Samba AD DC did not enforce the Validated-DNS-Host-Name write right, allowing an unprivileged authenticated user with machine account write access (e.g. SeMachineAccountPrivilege) to set the dNSHostName attribute to an arbitrary value, bypassing the MS-ADTS requirement that it matc...

CVSS 9 • AI score 7.5 • EPSS 0.83277
Exploits 9 • References 1

RedhatCVE
•added 2026/04/09 7:23 p.m.•3 views

CVE-2026-35519

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution (RCE) vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

CVSS 8.8 • AI score 6.2 • EPSS 0.00537
Exploits 0 • References 1

NVD
•added 2026/04/07 4:16 p.m.•2 views

CVE-2026-35519

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution (RCE) vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

CVSS 8.8 • EPSS 0.00537
Exploits 0 • References 1

ATTACKERKB
•added 2026/04/07 3:18 p.m.•0 views

CVE-2026-35519

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution (RCE) vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

CVSS 8.8 • AI score 6.2 • EPSS 0.00537
Exploits 0 • References 2 • Affected Software 1

EUVD
•added 2026/04/07 3:18 p.m.•1 views

EUVD-2026-19711

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution (RCE) vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

CVSS 8.8 • AI score 6.2 • EPSS 0.00537
Exploits 0 • References 1

Cvelist
•added 2026/04/07 3:18 p.m.•20 views

CVE-2026-35519 Pi-hole FTL affected by Remote Code Execution (RCE) via dns.hostRecord Newline Injection

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution (RCE) vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

CVSS 8.8 • EPSS 0.00537
Exploits 0 • References 1

Positive Technologies
•added 2026/04/07 12:0 a.m.•4 views

PT-2026-30884

FTLDNS pihole-FTL provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution (RCE) vulnerability in the DNS host record configuration parameter dns.hostRecord. This vulnerability allows an...

CVSS 8.8 • AI score 6.2 • EPSS 0.00537
Exploits 0 • References 2

RedhatCVE
•added 2026/01/07 9:40 a.m.•9 views

CVE-1999-0101

Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names...

CVSS 10 • AI score 7.2 • EPSS 0.07901
Exploits 3 • References 1

RedhatCVE
•added 2025/10/29 3:18 p.m.•5 views

CVE-2025-34309

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the SERVICE, LOGIN, and PASSWORD parameters when creating or editing a Dynamic DNS host. When a new Dynamic DNS...

CVSS 5.4 • AI score 6 • EPSS 0.05013
Exploits 0 • References 1

OSV
•added 2025/10/28 3:16 p.m.•4 views

CVE-2025-34309

IPFire versions prior to 2.29 Core Update 198 contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the SERVICE, LOGIN, and PASSWORD parameters when creating or editing a Dynamic DNS host. When a new Dynamic DNS...

CVSS 5.4 • AI score 5.9 • EPSS 0.05013
Exploits 0 • References 3

EUVD
•added 2025/10/07 12:30 a.m.•7 views

EUVD-1999-0101

Malware in sbrugna...

CVSS 10 • AI score 6.4 • EPSS 0.07901
Exploits 3 • References 3

OSV
•added 2023/04/17 11:5 a.m.•2 views

OESA-2023-1233 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory. (CVE-2023-0225) The Samb...

CVSS 5.9 • AI score 6.7 • EPSS 0.00719
Exploits 0 • References 3

BDU FSTEC
•added 2023/04/12 12:0 a.m.•5 views

The vulnerability of the LDAP server of the Samba networking software allows a hacker to remove the DNS-Host-Name attribute from any object in the directory.

The vulnerability of the LDAP server AD DC in the Samba networking software package is related to the incorrect assignment of permissions for a critical resource. Exploiting this vulnerability could allow an attacker to remove the DNS-Host-Name attribute from any object in the directory...

CVSS 5.5 • AI score 6.4 • EPSS 0.00719
Exploits 0 • References 8 • Affected Software 3

OSV
•added 2023/04/03 11:15 p.m.•2 views

DEBIAN-CVE-2023-0225

A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory...

CVSS 4.3 • AI score 6 • EPSS 0.00719
Exploits 0 • References 1

SUSE CVE
•added 2023/02/15 3:25 a.m.•3 views

SUSE CVE-2022-32743

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it...

CVSS 4.3 • AI score 6.9 • EPSS 0.01105
Exploits 1 • References 12

Veracode
•added 2022/11/03 6:48 a.m.•22 views

Privilege Escalation

Samba is vulnerable to privilege escalation. The vulnerability exists because it does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute, which allows unprivileged users to write it...

CVSS 7.5 • AI score 6.1 • EPSS 0.01105
Exploits 1 • References 6 • Affected Software 1

OSV
•added 2022/09/12 7:0 a.m.•6 views

SUSE-SU-2022:3244-1 Security update for samba

This update for samba fixes the following issues: - CVE-2022-1615: Fixed error handling in random number generation (bso#15103) (bsc#1202976). - CVE-2022-32743: Implement validated dnsHostName write rights (bso#14833) (bsc#1202803). Bugfixes: - Fixed use after free when iterating smbdserverconnection-connectio...

CVSS 7.5 • AI score 5.8 • EPSS 0.01105
Exploits 2 • References 6

OSV
•added 2022/09/01 9:15 p.m.•2 views

DEBIAN-CVE-2022-32743

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it...

CVSS 7.5 • AI score 7.2 • EPSS 0.01105
Exploits 1 • References 1

NVD
•added 2022/09/01 9:15 p.m.•19 views

CVE-2022-32743

Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it...

CVSS 7.5 • EPSS 0.01105
Exploits 1 • References 4