Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2022-2127

An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges…

Devamını oku

CVE-2023-3347

A vulnerability was found in Samba’s SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured “server signing = required”…

Devamını oku

CVE-2023-34967

A Type Confusion vulnerability was found in Samba’s mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets, one encoded data structure is a…

Devamını oku

CVE-2023-34968

A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories…

Devamını oku

CVE-2023-32265

A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer,…

Devamını oku

CVE-2023-32476

Dell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript…

Devamını oku

CVE-2023-32447

Dell Wyse ThinOS versions prior to 2306 (9.4.2103) contain a sensitive information disclosure vulnerability. A malicious user with local access to the device could exploit…

Devamını oku

CVE-2023-32455

Dell Wyse ThinOS versions prior to 2208 (9.3.2102) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could…

Devamını oku

CVE-2023-32446

Dell Wyse ThinOS versions prior to 2303 (9.4.1141) contain a sensitive information disclosure vulnerability. An unauthenticated malicious user with local access to the device could…

Devamını oku