CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2025/01/30 7:49 p.m.•3 views

CLSA-2025-1738266573 samba: Fix of CVE-2023-34967

Fix CVE-2023-34967: fix type confusion vulnerability in Samba's mdssvc RPC service for Spotlight...

5.3CVSS6.6AI score0.19204EPSS

OSV•added 2024/08/21 5:18 p.m.•3 views

CLSA-2024-1724260726 samba: Fix of CVE-2023-34966

CVE-2023-34966: fix infinite loop vulnerability in mdssvc RPC service - some tests were added as skipped...

7.5CVSS6.8AI score0.1431EPSS

RedHat Linux•added 2024/06/25 3:38 p.m.•26 views

Moderate: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Tenable Nessus•added 2024/06/25 12:0 a.m.•27 views

Exploits0References2

RHEL 9 : samba (RHSA-2024:4101)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4101 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allo...

7.5CVSS7AI score0.1431EPSS

Redos•added 2024/02/02 12:0 a.m.•33 views

ROS-20230920-01

Vulnerability of winbinddpamauthcrap.c component of Samba networking software package is related to operation exceeding the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service Vulnerability in SMB2 packet signing...

7.5CVSS7.4AI score0.19204EPSS

Exploits0

RedHat Linux•added 2024/01/25 8:36 a.m.•2 views

samba: type confusion in mdssvc RPC service for spotlight

A Type Confusion vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a key-value style dictionary where the keys are character strings, and the values can be any of the supported types in the mdssvc protocol...

5.3CVSS6.6AI score0.19204EPSS

Tenable Nessus•added 2024/01/25 12:0 a.m.•41 views

RHEL 8 : samba (RHSA-2024:0423)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0423 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

7.5CVSS6.7AI score0.19204EPSS

Exploits1References13

RedHat Linux•added 2023/11/14 4:4 p.m.•3 views

samba: type confusion in mdssvc RPC service for spotlight

5.3CVSS6.6AI score0.19204EPSS

RedHat Linux•added 2023/11/07 9:37 a.m.•3 views

samba: infinite loop in mdssvc RPC service for spotlight

An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function slunpackloop did not validate a field in the network packet that contains the count of elements in an array-like...

OSV•added 2023/08/09 6:40 p.m.•2 views

CLSA-2023-1691606420 samba: Fix of 2 CVEs

CVE-2022-2127: Fix oud-of-bounds read triggered by maliciously request - CVE-2023-34966: Fix infinite loop vulnerability in mdssvc RPC service...

OSV•added 2023/08/09 10:35 a.m.•2 views

CLSA-2023-1691577351 samba: Fix of 2 CVEs

CVE-2022-2127: Fix oud-of-bounds read triggered by maliciously request - CVE-2023-34966: Fix infinite loop vulnerability in mdssvc RPC service...

OSV•added 2023/08/09 10:22 a.m.•3 views

CLSA-2023-1691576572 Fix CVE(s): CVE-2023-34966

SECURITY UPDATE: infinite loop vulnerability in mdssvc RPC service for Spotlight - debian/patches/CVE-2023-34966.patch: prevents an infinite loop by preventing subcount less than 1. Add test for addressed CVE. - CVE-2023-34966...

7.5CVSS7.3AI score0.1431EPSS