51 matches found
CVE-2022-26723
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution...
CVE-2025-66003
An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba shareThis issue affects smb4k: from ? before 4.0.5...
UBUNTU-CVE-2025-66003
An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba shareThis issue affects smb4k: from ? before 4.0.5...
CVE-2025-66003 Local users can perform a local root exploit via smb4k mounthelper
An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a local root exploit via smb4k mounthelper if they can access and control the contents of a Samba shareThis issue affects smb4k: from ? before 4.0.5...
CVE-2025-66003
CVE-2025-66003 involves an external control of file name or path in smb4k, enabling a local user to escalate to root via the mounthelper when they can access and control a Samba share. Affected software: smb4k (KDE desktop utility); vulnerability arises from improper validation of filenames/paths...
EUVD-2013-4513
Malware in sbrugna...
EUVD-2025-6557
Malicious code in bioql PyPI...
CVE-2023-23539
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution...
CVE-2013-4855
D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share...
CVE-2025-25685
An issue was discovered in GL-INet Beryl AX GL-MT3000 v4.7.0. Attackers are able to download arbitrary files from the device's file system via adding symbolic links on an external drive used as a samba share...
CVE-2025-25685
An issue was discovered in GL-INet Beryl AX GL-MT3000 v4.7.0. Attackers are able to download arbitrary files from the device's file system via adding symbolic links on an external drive used as a samba share...
Oracle Linux 7 : samba (ELSA-2019-2099)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2099 advisory. - resolves: 1696524 - Fix CVE-2019-3880 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...
CVE-2023-23539
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution...
CVE-2023-23513
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution...
Apple macOS 输入验证错误漏洞
Apple macOS is a suite of specialized operating systems developed by Apple Inc. for Mac computers. An input validation error vulnerability exists in Apple macOS Ventura versions prior to 13.2, which stems from a buffer overflow issue, and installation of a maliciously crafted Samba network share...
PT-2023-19005 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.7.3 macOS versions prior to 12.6.3 macOS versions prior to 13.2 Description: A buffer overflow issue was addressed with improved memory handling. Mounting a maliciously crafted Samba network share may lead to...
CVE-2022-26723
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution...
Vulnerability fixed in Pulse Connect Secure
A vulnerability has been fixed in Pulse Connect Secure. A authenticated malicious person could potentially abuse it to execute arbitrary code under root privileges. To do this, however, the user must have the rights to view a Samba SMB share via the "Windows File Share Browser" functionality. Sin...
NewStart CGSL CORE 5.05 / MAIN 5.05 : samba Vulnerability (NS-SA-2019-0244)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has samba packages installed that are affected by a vulnerability: - A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to crea...
Amazon Linux 2 : samba (ALAS-2019-1351)
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation of a new file in the Samba share.CVE-2019-3880...