Samba vulnerabilities and exploits

NA
CVE-2019-7304

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1....

5
CVSSv2
CVE-2017-3139

A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response....

5.5
CVSSv2
CVE-2019-3880

A flaw was found in the way Samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have Unix permissions, which could lead to creation of a new file in the Samba...

3.6
CVSSv2
CVE-2019-3870

A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only...

NA
CVE-2018-20334

Following repo contains linux drivers for Asus PCE-AC88 (Broadcom BCM4366). The driver has been extracted from the most recent ASUS AC88U firmware at the time of repo creation. FW_RT_AC88U_300438445708.zip Version 3.0.0.4.384.45708 2019/03/29 41.39 MBytes ASUS RT-AC88U Firmware...

NA
CVE-2018-20336

Following repo contains linux drivers for Asus PCE-AC88 (Broadcom BCM4366). The driver has been extracted from the most recent ASUS AC88U firmware at the time of repo creation. FW_RT_AC88U_300438445708.zip Version 3.0.0.4.384.45708 2019/03/29 41.39 MBytes ASUS RT-AC88U Firmware...

6.5
CVSSv2
CVE-2018-4407

A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5....

Apple: Iphone Os, Mac Os X, Tvos, Watchos
5
CVSSv2
CVE-2019-5418

There is a possible file content disclosure vulnerability in Action View. Specially crafted accept headers in combination with calls to `render file:` can cause arbitrary files on the target server to be rendered, disclosing the file contents. The impact is limited to calls to...

Redhat: Cloudforms; Rubyonrails: Rails; Debian: Debian Linux
7.8
CVSSv2
CVE-2019-5419

Specially crafted accept headers can cause the Action View template location code to consume 100% CPU, leaving the server unable to process requests. This impacts all Rails applications that render views. All users running an affected release should either upgrade or use one of...

NA
CVE-2019-5786

Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in FileReader. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system....