Lucene search
K

20 matches found

RedHat Linux
RedHat Linux
added 2026/06/23 6:38 a.m.5 views

samba: Remote Code Execution in SAMR

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS6AI score0.02501EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/23 1:24 a.m.5 views

samba: Remote Code Execution in SAMR

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS6AI score0.02501EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 12:31 p.m.14 views

samba: Remote Code Execution in SAMR

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS5.7AI score0.02501EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/03 3:28 a.m.54 views

samba: Remote Code Execution in SAMR

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS5.9AI score0.02501EPSS
Exploits0References5
NVD
NVD
added 2026/05/28 9:16 a.m.21 views

CVE-2026-4408

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS0.02501EPSS
Exploits0References18
AlpineLinux
AlpineLinux
added 2026/05/28 7:25 a.m.16 views

CVE-2026-4408

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS5.9AI score0.02501EPSS
Exploits0References18
Cvelist
Cvelist
added 2026/05/28 7:25 a.m.57 views

CVE-2026-4408 Samba: remote code execution in samr

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9CVSS0.02501EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2026/05/27 2:53 a.m.18 views

SUSE CVE-2026-4408

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.9CVSS5.9AI score0.02501EPSS
Exploits0References15
Talos Blog
Talos Blog
added 2025/12/17 4:55 p.m.12 views

UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager

Cisco Talos recently discovered a campaign targeting Cisco AsyncOS Software for Cisco Secure Email Gateway, formerly known as Cisco Email Security Appliance ESA, and Cisco Secure Email and Web Manager, formerly known as Cisco Content Security Management Appliance SMA. We assess with moderate...

7.7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-57511

Malicious code in bioql PyPI...

9.8CVSS8.5AI score0.0099EPSS
Exploits0References4
Veracode
Veracode
added 2023/10/02 7:12 p.m.26 views

Denial Of Service (DoS)

Firefox ESR is vulnerable to Denial Of Service DoS. The vulnerability occurs if Windows does not duplicate a handle during process creation. In such cases, the sandbox code may unintentionally free a pointer twice, leading to a use-after-free situation and a potentially exploitable crash. This bu...

9.8CVSS7AI score0.0099EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2023/09/27 3:19 p.m.7 views

CVE-2023-5174

If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. This bug only affects Firefox on Windows when run in non-standard configurations such as using runas...

9.8CVSS7.4AI score
Exploits0References4
AlpineLinux
AlpineLinux
added 2023/09/27 2:13 p.m.35 views

CVE-2023-5174

If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. This bug only affects Firefox on Windows when run in non-standard configurations such as using runas...

9.8CVSS9.2AI score0.0099EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/09/27 2:3 a.m.3 views

SUSE CVE-2023-5174

If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. This bug only affects Firefox on Windows when run in non-standard configurations such as using runas...

9.8CVSS7AI score0.0099EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2020/08/26 8:49 a.m.5 views

Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer

In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 78...

8.8CVSS7.3AI score0.01938EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/08/26 8:33 a.m.10 views

Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer

In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 78...

8.8CVSS7.3AI score0.01938EPSS
Exploits0References5
Veracode
Veracode
added 2020/08/06 9:32 p.m.24 views

Arbitrary Code Execution

firefox is vulnerable to arbitrary code execution. The vulnerability exists in non-standard configurations, where a JPEG image created by JavaScript could have caused an internal variable to overflow...

8.8CVSS3.7AI score0.01938EPSS
Exploits0References5Affected Software5
Prion
Prion
added 2017/02/22 7:59 p.m.18 views

Design/Logic Flaw

Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques...

4.3CVSS6.9AI score0.00826EPSS
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2011/03/31 12:0 a.m.85 views

VMSA-2011-0006 VMware vmrun utility local privilege escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0006 Synopsis: VMware vmrun utility local privilege escalation Issue date: 2011-03-29 Updated on: 2011-03-29 initial release of...

6.9CVSS6.5AI score0.00384EPSS
Exploits2
Exploit DB
Exploit DB
added 2003/11/10 12:0 a.m.61 views

Hylafax 4.1.x - HFaxD Format String

// source: https://www.securityfocus.com/bid/9005/info Hylafax hfaxd daemon has been reported prone to an unspecified format string vulnerability that may be exploited under non-standard configurations to execute arbitrary instructions remotely as the root user. / Hylafax remote root PoC exploit ...

7AI score
Exploits0
Rows per page
Query Builder