20 matches found
samba: Remote Code Execution in SAMR
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...
samba: Remote Code Execution in SAMR
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...
samba: Remote Code Execution in SAMR
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...
samba: Remote Code Execution in SAMR
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...
CVE-2026-4408
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...
CVE-2026-4408
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...
CVE-2026-4408 Samba: remote code execution in samr
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...
SUSE CVE-2026-4408
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...
UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager
Cisco Talos recently discovered a campaign targeting Cisco AsyncOS Software for Cisco Secure Email Gateway, formerly known as Cisco Email Security Appliance ESA, and Cisco Secure Email and Web Manager, formerly known as Cisco Content Security Management Appliance SMA. We assess with moderate...
EUVD-2023-57511
Malicious code in bioql PyPI...
Denial Of Service (DoS)
Firefox ESR is vulnerable to Denial Of Service DoS. The vulnerability occurs if Windows does not duplicate a handle during process creation. In such cases, the sandbox code may unintentionally free a pointer twice, leading to a use-after-free situation and a potentially exploitable crash. This bu...
CVE-2023-5174
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. This bug only affects Firefox on Windows when run in non-standard configurations such as using runas...
CVE-2023-5174
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. This bug only affects Firefox on Windows when run in non-standard configurations such as using runas...
SUSE CVE-2023-5174
If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. This bug only affects Firefox on Windows when run in non-standard configurations such as using runas...
Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer
In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 78...
Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer
In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 78...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. The vulnerability exists in non-standard configurations, where a JPEG image created by JavaScript could have caused an internal variable to overflow...
Design/Logic Flaw
Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques...
VMSA-2011-0006 VMware vmrun utility local privilege escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0006 Synopsis: VMware vmrun utility local privilege escalation Issue date: 2011-03-29 Updated on: 2011-03-29 initial release of...
Hylafax 4.1.x - HFaxD Format String
// source: https://www.securityfocus.com/bid/9005/info Hylafax hfaxd daemon has been reported prone to an unspecified format string vulnerability that may be exploited under non-standard configurations to execute arbitrary instructions remotely as the root user. / Hylafax remote root PoC exploit ...