
31 matches found

OSV
added 2026/05/15 3:44 p.m. · 5 views

CLSA-2026-1778859875 samba: Fix of CVE-2025-0620

Fix CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session...

CVSS 4.9 · AI score 5.8 · EPSS 0.0025
Exploits 0 · References 1

OSV
added 2026/04/24 4:17 p.m. · 0 views

GHSA-JV9X-W4GM-HWCM Kimai has Missing Object-Level Authorization in the Team API

Summary The Team API endpoints use IsGranted'editteam' instead of IsGranted'edit', 'team', causing Symfony TeamVoter to abstain from voting. This removes entity-level ownership checks on team operations, allowing any user with the editteam permission to modify any team, not just teams they are...

CVSS 3.3 · AI score 5.8 · EPSS 0.00012
Exploits 1 · References 4

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2015-7360

Malware in sbrugna...

CVSS 2.5 · AI score 3.8 · EPSS 0.00035
Exploits 0 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2025-17307

Malicious code in bioql PyPI...

CVSS 6.6 · AI score 6.3 · EPSS 0.0025
Exploits 0 · References 5

SUSE Linux
added 2025/07/04 4:3 p.m. · 4 views

Security update for samba

This update for samba fixes the following issues: CVE-2025-0620: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session (bsc#1244136). Other bugfixes: net ad join fails with "Failed to join domain: failed to create kerberos keytab" (bsc#1238063). Patch Instructions:...

CVSS 7.6 · AI score 7.5 · EPSS 0.0025
Exploits 0 · References 6

Tenable Nessus
added 2025/06/11 12:0 a.m. · 4 views

Ubuntu 25.04 : Samba vulnerability (USN-7564-1)

The remote Ubuntu 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7564-1 advisory. It was discovered that Samba incorrectly handled certain group membership changes when using Kerberos authentication. A remote user could possibly use this issue to...

CVSS 4.9 · AI score 6.6 · EPSS 0.0025
Exploits 0 · References 2

NVD
added 2025/06/06 2:15 p.m. · 10 views

CVE-2025-0620

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

CVSS 4.9 · EPSS 0.0025
Exploits 0 · References 4

OSV
added 2025/06/06 2:15 p.m. · 1 views

ALPINE-CVE-2025-0620

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

CVSS 4.9 · AI score 6.5 · EPSS 0.0025
Exploits 0 · References 1

AlpineLinux
added 2025/06/06 1:10 p.m. · 7 views

CVE-2025-0620

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

CVSS 4.9 · AI score 6.4 · EPSS 0.0025
Exploits 0

Debian CVE
added 2025/06/06 1:10 p.m. · 10 views

CVE-2025-0620

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

CVSS 4.9 · AI score 5.1 · EPSS 0.0025
Exploits 0

Positive Technologies
added 2025/06/03 12:0 a.m. · 1 views

PT-2025-23682 · Samba +1 · Samba +1

Name of the Vulnerable Software and Affected Versions: Samba versions prior to 4.21.6 Description: The issue concerns a problem with SMB session re-authentication when using Kerberos authentication with SMB. Specifically, smbd does not pick up group membership changes when re-authenticating an...

CVSS 6.6 · AI score 6.2 · EPSS 0.0025
Exploits 0 · References 22

RedhatCVE
added 2025/05/23 12:44 a.m. · 5 views

CVE-2022-2512

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. Membership changes are not reflected in TODO for confidential notes, allowing a former project member...

CVSS 6.5 · AI score 6.3 · EPSS 0.00123
Exploits 0 · References 1

OSV
added 2024/03/06 11:21 a.m. · 23 views

BIT-GITLAB-2020-13346

Membership changes are not reflected in ToDo subscriptions in GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, allowing guest users to access confidential issues through API...

CVSS 6.5 · AI score 6.1 · EPSS 0.00245
Exploits 0 · References 4

OSV
added 2024/03/06 11:15 a.m. · 16 views

BIT-GITLAB-2022-2512

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. Membership changes are not reflected in TODO for confidential notes, allowing a former project member...

CVSS 6.5 · AI score 6.2 · EPSS 0.00123
Exploits 0 · References 3

Veracode
added 2023/08/06 8:13 p.m. · 14 views

Information Disclosure

gitlab is vulnerable to Information Disclosure. The vulnerability allows former project members to read updates via TODOs due to membership changes not being reflected for confidential notes...

CVSS 6.5 · AI score 6.7 · EPSS 0.00123
Exploits 0 · References 3 · Affected Software 1

OpenVAS
added 2022/08/08 12:0 a.m. · 18 views

GitLab 15.x - 15.0.4, 15.1.x - 15.1.3, 15.2 Improper Access Control Vulnerability

GitLab is prone to an improper access control vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

CVSS 6.5 · AI score 6.5 · EPSS 0.00123
Exploits 0 · References 2

NVD
added 2022/08/05 4:15 p.m. · 10 views

CVE-2022-2512

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. Membership changes are not reflected in TODO for confidential notes, allowing a former project member...

CVSS 6.5 · EPSS 0.00123
Exploits 0 · References 2

UbuntuCve
added 2022/08/05 4:15 p.m. · 23 views

CVE-2022-2512

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. Membership changes are not reflected in TODO for confidential notes, allowing a former project member...

CVSS 6.5 · AI score 6.5 · EPSS 0.00123
Exploits 0 · References 1

OSV
added 2022/08/05 4:15 p.m. · 0 views

UBUNTU-CVE-2022-2512

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. Membership changes are not reflected in TODO for confidential notes, allowing a former project member...

CVSS 6.5 · AI score 6.5 · EPSS 0.00123
Exploits 0 · References 2

Cvelist
added 2022/08/05 3:9 p.m. · 14 views

CVE-2022-2512

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. Membership changes are not reflected in TODO for confidential notes, allowing a former project member...

CVSS 6.5 · AI score 6.6 · EPSS 0.00123
Exploits 0 · References 2