Lucene search
K

7 matches found

OSV
OSV
added 2026/06/05 3:48 p.m.9 views

OESA-2026-2575 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A flaw was found in Samba's certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and...

9.8CVSS6.5AI score0.12797EPSS
Exploits9References5
RedHat Linux
RedHat Linux
added 2026/06/03 9:52 p.m.12 views

samba: group policy certificate enrollment uses http:// without validation

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

8CVSS5.8AI score0.00261EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/27 2:53 a.m.14 views

SUSE CVE-2026-3012

A flaw was found in Samba's certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

8CVSS5.8AI score0.00261EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.3 views

PT-2026-22916

The server certificate was not verified when an Arc agent connected to a Guardian or CMC. A malicious actor could perform a man-in-the-middle attack and intercept the communication between the Arc agent and the Guardian or CMC. This could result in theft of the client token and sensitive...

6.5CVSS5.9AI score0.00111EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2021-33530

Malicious code in bioql PyPI...

9.8CVSS7.7AI score0.00568EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/04/14 12:0 a.m.7 views

CVE-2021-46880

x509/x509verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded...

7.2AI score0.00568EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/04/14 12:0 a.m.11 views

PT-2023-12600 · Openbsd +1 · Openbsd +2

Name of the Vulnerable Software and Affected Versions: LibreSSL versions prior to 3.4.2 OpenBSD versions prior to 7.0 errata 006 Description: The issue allows authentication bypass due to an error for an unverified certificate chain sometimes being discarded in the x509 verify.c file. This occurs...

9.8CVSS6.9AI score0.59501EPSS
Exploits1References25
Rows per page
Query Builder