Lucene search

27 matches found

Tenable Nessus
added 2026/03/13 12:0 a.m. | 0 views

Cisco IOS XR Software CLI Privilege Escalation (cisco-sa-iosxr-privesc-bF8D5U4W) (CVE-2026-20046)

According to its self-reported version, Cisco IOS XR is affected by a vulnerability. - A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affecte...

CVSS 8.8 | AI score 6.9 | EPSS 0.00033
Exploits: 0 | References: 4

EUVD
added 2026/03/11 6:30 p.m. | 2 views

EUVD-2026-11216

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups...

CVSS 8.8 | AI score 5.8 | EPSS 0.00033
Exploits: 0 | References: 2

NVD
added 2026/03/11 5:16 p.m. | 3 views

CVE-2026-20046

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups...

CVSS 8.8 | EPSS 0.00033
Exploits: 0 | References: 1

Vulnrichment
added 2026/03/11 4:31 p.m. | 0 views

CVE-2026-20046 Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups...

CVSS 8.8 | AI score 5.8 | EPSS 0.00033
Exploits: 0 | References: 1

CVE
added 2026/03/11 4:31 p.m. | 9 views

CVE-2026-20046

CVE-2026-20046 affects Cisco IOS XR Software. The vulnerability stems from an incorrect mapping of a CLI command to task groups, allowing an authenticated, low-privileged local attacker to bypass task group checks and elevate privileges to full administrative control. Impact stated as privilege e...

CVSS 8.8 | AI score 5.8 | EPSS 0.00033
Exploits: 0 | References: 1

Positive Technologies
added 2026/03/11 12:0 a.m. | 1 views

PT-2026-24729

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups...

CVSS 8.8 | AI score 5.8 | EPSS 0.00033
Exploits: 0 | References: 10

Tenable Nessus
added 2026/03/06 12:0 a.m. | 0 views

NewStart CGSL MAIN 6.06 (SP) : samba Multiple Vulnerabilities (NS-SA-2026-0007)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has samba packages installed that are affected by multiple vulnerabilities: - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility with Apple SMB clients and interoperability with a...

CVSS 9 | AI score 7.3 | EPSS 0.35695
Exploits: 4 | References: 19

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2008-3775

Malware in sbrugna...

CVSS 2.1 | AI score 9 | EPSS 0.01059
Exploits: 1 | References: 10

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2018-6519

Malware in sbrugna...

CVSS 7.1 | AI score 6.5 | EPSS 0.00099
Exploits: 1 | References: 15

EUVD
added 2025/10/07 12:30 a.m. | 0 views

EUVD-2019-0370

Malware in sbrugna...

CVSS 7.4 | AI score 7.5 | EPSS 0.02078
Exploits: 0 | References: 14

Tenable Nessus
added 2025/09/30 12:0 a.m. | 1 views

NewStart CGSL MAIN 6.06 : samba Multiple Vulnerabilities (NS-SA-2025-0208)

The remote NewStart CGSL host, running version MAIN 6.06, has samba packages installed that are affected by multiple vulnerabilities: - The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide ...enhanced compatibility with Apple SMB clients and interoperability with a Netatal...

CVSS 9 | AI score 8.1 | EPSS 0.35695
Exploits: 4 | References: 19

Tenable Nessus
added 2024/05/11 12:0 a.m. | 28 views

RHEL 6 : samba (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - samba: Active Directory (AD) domain user could become root on domain members (CVE-2020-25717) - samba:...

AI score 8.3 | EPSS 0.4327
Exploits: 3 | References: 24

SUSE CVE
added 2023/02/15 6:7 a.m. | 1 views

SUSE CVE-2008-3789

Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb files, which allows local users to modify the membership of Unix groups...

CVSS 2.1 | AI score 6.6 | EPSS 0.01059
Exploits: 1 | References: 3

SUSE CVE
added 2023/02/15 4:27 a.m. | 1 views

SUSE CVE-2018-11767

In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms...

CVSS 7.4 | AI score 8.3 | EPSS 0.02078
Exploits: 0 | References: 3

OSV
added 2022/11/04 6:58 p.m. | 23 views

GHSA-M7GV-V8XX-V47W XWiki OIDC Authenticator vulnerable to bypassing OpenID login by providing a custom provider

Impact: Even if a wiki has an OpenID provider configured through its xwiki.properties, it is possible to provide a third party provider by providing its details through request parameters. One can then bypass the XWiki authentication altogether by specifying its own provider through the...

CVSS 9.1 | AI score 8.5 | EPSS 0.00147
Exploits: 0 | References: 5

Github Security Blog
added 2022/11/04 6:58 p.m. | 34 views

XWiki OIDC Authenticator vulnerable to bypassing OpenID login by providing a custom provider

Impact: Even if a wiki has an OpenID provider configured through its xwiki.properties, it is possible to provide a third party provider by providing its details through request parameters. One can then bypass the XWiki authentication altogether by specifying its own provider through the...

CVSS 9.1 | AI score 7.4 | EPSS 0.00147
Exploits: 0 | References: 5 | Affected Software: 1

Positive Technologies
added 2022/11/04 12:0 a.m. | 3 views

PT-2022-24946 · Xwiki · Xwiki Oidc

Name of the Vulnerable Software and Affected Versions: XWiki OIDC versions prior to 1.29.1 Description: The issue allows an attacker to bypass XWiki authentication by specifying their own OpenID provider through request parameters, such as oidc.endpoint., or by using an XWiki-based OpenID provide...

CVSS 9.1 | AI score 7.6 | EPSS 0.00147
Exploits: 0 | References: 7

OpenVAS
added 2021/08/09 12:0 a.m. | 7 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2021-2282)

The remote host is missing an update for the Huawei EulerOS...

CVSS 6.8 | AI score 7.1 | EPSS 0.01764
Exploits: 0 | References: 2

OSV
added 2021/06/07 11:2 a.m. | 1 views

OESA-2021-1207 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the e...

CVSS 7.5 | AI score 6.8 | EPSS 0.14523
Exploits: 0 | References: 4

Tenable Nessus
added 2020/09/25 12:0 a.m. | 37 views

Cisco IOS XR Software Authenticated User Privilege Escalation (cisco-sa-iosxr-LJtNFjeN)

According to its self-reported version, Cisco IOS XR Software is affected by a privilege escalation vulnerability in task group assignment for a specific CLI command due to incorrect mapping to task groups. An attacker could exploit this vulnerability by first authenticating to the local CLI shel...

CVSS 7.8 | AI score 7.5 | EPSS 0.00043
Exploits: 0 | References: 3