Lucene search
K

26 matches found

Cvelist
Cvelist
added 2026/02/03 3:50 a.m.30 views

CVE-2026-24936 An improper input validation vulnerability was found in ADM while joining a AD Domain.

When a specific function is enabled while joining a AD Domain from ADM, an improper input parameters validation vulnerability in a specific CGI program allowing an unauthenticated remote attacker to write arbitrary data to any file on the system. By exploiting this vulnerability, attackers can...

9.5CVSS0.00779EPSS
Exploits0References1
CVE
CVE
added 2026/02/03 3:50 a.m.62 views

CVE-2026-24936

CVE-2026-24936 affects ASUSTOR ADM: an improper input parameter validation flaw in a CGI program when a specific function is enabled during AD Domain join allows an unauthenticated remote attacker to write arbitrary data to any file, potentially leading to complete system compromise. Affected: AD...

9.8CVSS5.8AI score0.00779EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/03 3:50 a.m.6 views

CVE-2026-24936

When a specific function is enabled while joining a AD Domain from ADM, an improper input parameters validation vulnerability in a specific CGI program allowing an unauthenticated remote attacker to write arbitrary data to any file on the system. By exploiting this vulnerability, attackers can...

9.5CVSS5.8AI score0.00779EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/03 3:50 a.m.3 views

CVE-2026-24936 An improper input validation vulnerability was found in ADM while joining a AD Domain.

When a specific function is enabled while joining a AD Domain from ADM, an improper input parameters validation vulnerability in a specific CGI program allowing an unauthenticated remote attacker to write arbitrary data to any file on the system. By exploiting this vulnerability, attackers can...

9.5CVSS5.7AI score0.00779EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.11 views

PT-2026-5771

Name of the Vulnerable Software and Affected Versions ASUSTOR ADM versions 4.1.0 through 4.3.3.ROF1 ASUSTOR ADM versions 5.0.0 through 5.1.1.RCI1 Description An improper input parameters validation issue exists in a specific CGI program when a particular function is enabled during Active Director...

9.8CVSS5.8AI score0.00779EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/09/10 12:34 a.m.13 views

CVE-2025-22956

OPSI before 4.3 allows any client to retrieve any ProductPropertyState, including those of other clients. This can lead to privilege escalation if any ProductPropertyState contains a secret only intended to be accessible by a subset of clients. One example of this is a domain join account passwor...

9.8CVSS7AI score0.00345EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/08 12:0 a.m.4 views

PT-2025-36466

Name of the Vulnerable Software and Affected Versions: OPSI versions prior to 4.3 Description: OPSI allows any client to retrieve any ProductPropertyState, including those of other clients. This can lead to privilege escalation if any ProductPropertyState contains a secret intended to be accessib...

9.8CVSS6.5AI score0.00345EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/09/08 12:0 a.m.8 views

CVE-2025-22956

OPSI before 4.3 allows any client to retrieve any ProductPropertyState, including those of other clients. This can lead to privilege escalation if any ProductPropertyState contains a secret only intended to be accessible by a subset of clients. One example of this is a domain join account passwor...

0.00345EPSS
Exploits0References1
CVE
CVE
added 2025/09/08 12:0 a.m.21 views

CVE-2025-22956

OPSI prior to version 4.3 is vulnerable: any client can retrieve any ProductPropertyState, including other clients’ data. This exposure could enable privilege escalation if a secret such as a domain-join password in windomain is stored in ProductPropertyState. Root cause is improper access contro...

9.8CVSS6.5AI score0.00345EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/07/04 4:3 p.m.5 views

Security update for samba

This update for samba fixes the following issues: CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session bsc1244136. Other bugfixes: net ad join fails with "Failed to join domain: failed to create kerberos keytab" bsc1238063. Patch Instructions:...

7.6CVSS7.5AI score0.00595EPSS
Exploits0References6
OSV
OSV
added 2025/07/04 4:3 p.m.10 views

SUSE-SU-2025:02230-1 Security update for samba

This update for samba fixes the following issues: - CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session bsc1244136. Other bugfixes: - net ad join fails with 'Failed to join domain: failed to create kerberos keytab' bsc1238063...

4.9CVSS5.8AI score0.00595EPSS
Exploits0References4
Microsoft KB
Microsoft KB
added 2023/04/11 7:0 a.m.131 views

January 10, 2023—KB5022343 (Security-only update)

None None...

9.1CVSS6.8AI score0.03537EPSS
Exploits1
Microsoft KB
Microsoft KB
added 2023/04/11 7:0 a.m.187 views

January 10, 2023—KB5022348 (Monthly Rollup)

None None...

9.1CVSS6.8AI score0.03537EPSS
Exploits1
Microsoft KB
Microsoft KB
added 2023/03/14 7:0 a.m.221 views

March 14, 2023—KB5023756 (Monthly Rollup)

None None...

9.8CVSS6.8AI score0.4997EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2023/01/26 8:0 a.m.83 views

November 8, 2022—KB5020003 (Security-only update)

None None...

8.8CVSS6.8AI score0.24623EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2022/12/13 8:0 a.m.47 views

December 13, 2022—KB5021303 (Security-only update)

None None...

8.5CVSS6.8AI score0.61605EPSS
Exploits6
Microsoft KB
Microsoft KB
added 2022/12/13 8:0 a.m.57 views

December 13, 2022—KB5021294 (Monthly Rollup)

None None...

8.5CVSS6.8AI score0.61605EPSS
Exploits6
Microsoft KB
Microsoft KB
added 2022/04/12 8:0 a.m.94 views

April 12, 2022—KB5012666 (Security-only update)

None None...

10CVSS6.8AI score0.91316EPSS
Exploits23
OSV
OSV
added 2022/03/23 8:38 p.m.7 views

CLSA-2022-1648067906 Fix of CVE: CVE-2020-25717

CVE-2020-25717: Fix username map script regression rhbz2046174 - Fix possible segfault while joining a domain rhbz2046160...

8.5CVSS5.8AI score0.01612EPSS
Exploits0References1
AlmaLinux
AlmaLinux
added 2022/01/31 3:40 p.m.60 views

Critical: samba security and bug fix update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Out-of-bounds heap read/write vulnerability in VF...

9CVSS9.1AI score0.7372EPSS
Exploits1References1
Rows per page
Query Builder