558 matches found
curl: Heap Buffer Over-Read via Malicious SMB Server READ_ANDX Response
================================================================================ DESCRIPTION: ================================================================================ Summary: I discovered a heap buffer over-read vulnerability in libcurl's SMB protocol implementation. A malicious SMB serv...
curl: Heap Buffer Over-Read via Malicious SMB Server READ_ANDX Response
================================================================================ DESCRIPTION: ================================================================================ Summary: I discovered a heap buffer over-read vulnerability in libcurl's SMB protocol implementation. A malicious SMB serv...
October 14, 2025—KB5066782 (OS Build 20348.4294)
None None...
Exploit for CVE-2025-10230
CVE-2025-10230 CVE-2025-102...
CVE-2025-10230
A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...
AZL-69830 CVE-2025-10230 affecting package samba 4.18.3-2
A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...
CVE-2025-10230
A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...
CVE-2025-10230
A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...
CVE-2025-10230 Samba: command injection in wins server hook script
A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...
CVE-2025-10230 Samba: command injection in wins server hook script
A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...
CVE-2025-10230
CVE-2025-10230 involves Samba’s front-end WINS hook where NetBIOS names from registration packets are inserted into a shell without proper validation or escaping, enabling unauthenticated remote code execution as the Samba process. The issue is rooted in unsanitized NetBIOS data in WINS registrat...
Samba 操作系统命令注入漏洞
Samba is Samba open source a standard Windows interoperability program suite for Linux and Unix. Samba suffers from an operating system command injection vulnerability that stems from a lack of proper validation or escaping of NetBIOS names in front-end WINS hook processing, which could lead to...
Samba WINS hook RCE (CVE-2025-10230)
In the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active Directory Domain Controller's...
SUSE CVE-2025-10230
A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...
CVE-2025-10230
A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...
EUVD-2002-1092
Malware in sbrugna...
EUVD-2017-8249
Malware in sbrugna...
EUVD-2020-8855
Malware in sbrugna...
EUVD-2000-0990
Malware in sbrugna...
EUVD-2016-4331
Malware in sbrugna...