Latest redhat storage Vulnerabilities

CVE-2023-48795
Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
pip/paramiko>=2.5.0<3.4.0
go/golang.org/x/crypto<0.17.0
rust/russh<0.40.2
Apple macOS Sonoma<14.4
Openbsd Openssh<9.6
Putty Putty<0.80
and 128 more
CVE-2023-4091
Samba: smb clients can truncate files with read-only permissions
redhat/samba<4.19.1
redhat/samba<4.18.8
redhat/samba<4.17.12
Samba Samba<4.17.12
Samba Samba>=4.18.0<4.18.8
Samba Samba>=4.19.0<4.19.1
and 10 more
CVE-2023-3961
Samba: smbd allows client access to unix domain sockets on the file system as root
redhat/samba<4.19.1
redhat/samba<4.18.8
redhat/samba<4.17.12
<4.17.12
>=4.18.0<4.18.8
>=4.19.0<4.19.1
and 4 more
CVE-2023-42669
Samba: "rpcecho" development server allows denial of service via sleep() call on ad dc
Samba Samba>=4.0.0<4.17.12
Samba Samba>=4.18.0<4.18.8
Samba Samba>=4.19.0<4.19.1
Redhat Storage=3.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
and 14 more
CVE-2023-3347
Samba: smb2 packet signing is not enforced when "server signing = required" is set
ubuntu/samba<2:4.17.7+dfsg-1ubuntu1.1
Samba Samba>=4.17.0<4.17.10
Samba Samba>=4.18.0<4.18.5
Redhat Storage=3.0
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
and 2 more
CVE-2023-34968
Samba: spotlight server-side share path disclosure
redhat/samba<4.16.11
redhat/samba<4.17.10
redhat/samba<4.18.5
ubuntu/samba<2:4.15.13+dfsg-0ubuntu0.20.04.3
ubuntu/samba<2:4.15.13+dfsg-0ubuntu1.2
ubuntu/samba<2:4.16.8+dfsg-0ubuntu1.2
and 20 more
CVE-2022-2447
Description of problem: Keystone issues tokens with the default lifespan regardless of the lifespan of the application credentials used to issue them. If the configured lifespan of an identity token i...
OpenStack Keystone
Redhat Openstack=16.1
Redhat Openstack=16.2
Redhat Openstack Platform=16.1
Redhat Openstack Platform=16.2
Redhat Quay=3.0.0
and 1 more
CVE-2021-3670
MaxQueryDuration not honoured in Samba AD DC LDAP
Samba Samba>=4.1.0
Redhat Storage=3.0
Fedoraproject Fedora=35
CVE-2022-26148
An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to re...
Grafana Grafana<=7.3.4
Redhat Ceph Storage=3.0
Redhat Ceph Storage=4.0
Redhat Ceph Storage=5.0
Redhat Storage=3.0
CVE-2021-44141
All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the...
Samba Samba<4.15.5
Redhat Storage=3.0
Fedoraproject Fedora=34
Fedoraproject Fedora=35
CVE-2020-14318
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be un...
Samba Samba>=3.6.0<4.11.15
Samba Samba>=4.12.0<4.12.9
Samba Samba>=4.13.0<4.13.1
Redhat Storage=3.0
Redhat Enterprise Linux=7.0
Redhat Enterprise Linux=8.0
and 3 more
CVE-2020-10730
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with...
Samba Samba>=4.5.0<4.10.17
Samba Samba>=4.11.0<4.11.11
Samba Samba>=4.12.0<4.12.4
Redhat Storage=3.0
openSUSE Leap=15.1
openSUSE Leap=15.2
and 12 more
CVE-2020-10685
A flaw was found in Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and...
redhat/ansible<0:2.7.17-1.el7ae
redhat/ansible<0:2.8.11-1.el7ae
redhat/ansible<0:2.8.11-1.el8ae
redhat/ansible<0:2.9.7-1.el7ae
redhat/ansible<0:2.9.7-1.el8ae
debian/ansible
and 16 more
CVE-2019-14907
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after ...
Samba Samba>=4.9.0<4.9.18
Samba Samba>=4.10.0<4.10.12
Samba Samba>=4.11.0<4.11.5
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Redhat Storage=3.0
and 28 more
CVE-2013-4280
Insecure temporary file vulnerability in RedHat vsdm 4.9.6.
debian
Redhat Virtual Desktop Server Manager=4.9.6
Redhat Enterprise Virtualization=3.0
Redhat Storage=2.0
Redhat Storage=2.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203