26 matches found
CVE-2026-24936 An improper input validation vulnerability was found in ADM while joining a AD Domain.
When a specific function is enabled while joining a AD Domain from ADM, an improper input parameters validation vulnerability in a specific CGI program allowing an unauthenticated remote attacker to write arbitrary data to any file on the system. By exploiting this vulnerability, attackers can...
CVE-2026-24936
CVE-2026-24936 affects ASUSTOR ADM: an improper input parameter validation flaw in a CGI program when a specific function is enabled during AD Domain join allows an unauthenticated remote attacker to write arbitrary data to any file, potentially leading to complete system compromise. Affected: AD...
CVE-2026-24936
When a specific function is enabled while joining a AD Domain from ADM, an improper input parameters validation vulnerability in a specific CGI program allowing an unauthenticated remote attacker to write arbitrary data to any file on the system. By exploiting this vulnerability, attackers can...
CVE-2026-24936 An improper input validation vulnerability was found in ADM while joining a AD Domain.
When a specific function is enabled while joining a AD Domain from ADM, an improper input parameters validation vulnerability in a specific CGI program allowing an unauthenticated remote attacker to write arbitrary data to any file on the system. By exploiting this vulnerability, attackers can...
PT-2026-5771
Name of the Vulnerable Software and Affected Versions ASUSTOR ADM versions 4.1.0 through 4.3.3.ROF1 ASUSTOR ADM versions 5.0.0 through 5.1.1.RCI1 Description An improper input parameters validation issue exists in a specific CGI program when a particular function is enabled during Active Director...
CVE-2025-22956
OPSI before 4.3 allows any client to retrieve any ProductPropertyState, including those of other clients. This can lead to privilege escalation if any ProductPropertyState contains a secret only intended to be accessible by a subset of clients. One example of this is a domain join account passwor...
PT-2025-36466
Name of the Vulnerable Software and Affected Versions: OPSI versions prior to 4.3 Description: OPSI allows any client to retrieve any ProductPropertyState, including those of other clients. This can lead to privilege escalation if any ProductPropertyState contains a secret intended to be accessib...
CVE-2025-22956
OPSI before 4.3 allows any client to retrieve any ProductPropertyState, including those of other clients. This can lead to privilege escalation if any ProductPropertyState contains a secret only intended to be accessible by a subset of clients. One example of this is a domain join account passwor...
CVE-2025-22956
OPSI prior to version 4.3 is vulnerable: any client can retrieve any ProductPropertyState, including other clients’ data. This exposure could enable privilege escalation if a secret such as a domain-join password in windomain is stored in ProductPropertyState. Root cause is improper access contro...
Security update for samba
This update for samba fixes the following issues: CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session bsc1244136. Other bugfixes: net ad join fails with "Failed to join domain: failed to create kerberos keytab" bsc1238063. Patch Instructions:...
SUSE-SU-2025:02230-1 Security update for samba
This update for samba fixes the following issues: - CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session bsc1244136. Other bugfixes: - net ad join fails with 'Failed to join domain: failed to create kerberos keytab' bsc1238063...
January 10, 2023—KB5022343 (Security-only update)
None None...
January 10, 2023—KB5022348 (Monthly Rollup)
None None...
March 14, 2023—KB5023756 (Monthly Rollup)
None None...
November 8, 2022—KB5020003 (Security-only update)
None None...
December 13, 2022—KB5021303 (Security-only update)
None None...
December 13, 2022—KB5021294 (Monthly Rollup)
None None...
April 12, 2022—KB5012666 (Security-only update)
None None...
CLSA-2022-1648067906 Fix of CVE: CVE-2020-25717
CVE-2020-25717: Fix username map script regression rhbz2046174 - Fix possible segfault while joining a domain rhbz2046160...
Critical: samba security and bug fix update
Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Out-of-bounds heap read/write vulnerability in VF...