Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Use checkaddoverflow to prevent overflow of the u16 DACL size. The functions setposixaclentriesdacl and setntacldacl accumulate the ACE sizes in u16 variables. When a file has many POSIX ACL entries, the accumulated size c...

CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

CVE-2026-43350

In the Linux kernel, a vulnerability in the SMB client path can allow a malicious server to exploit an ACE with sid_unix_NFS_mode by providing an ACE with only two subauthorities. parse_dacl() would treat this as an NFS mode SID and read sub_auth[2], potentially reading four bytes past the end of...

CVE-2026-43350 smb: client: require a full NFS mode SID before reading mode bits

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

PT-2026-39001

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the SMB client where the parse dacl function incorrectly handles Access Control Entry ACE SIDs. The function treats an ACE SID matching sid unix NFS mode as an NFS mode...

CVE-2026-31712

In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an out-of-bounds read vulnerability. The vulnerability stems from insufficient ACE size validation in the smbcheckpermdacl function of ksmbd, whic...

PT-2026-36339

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SMB client where the system fails to fully validate the Discretionary Access Control List DACL before rewriting it in cifsacl. The functions build sec desc and id...

EUVD-2021-0214

Malware in sbrugna...

EUVD-2025-15036

Malicious code in bioql PyPI...

CVE-2021-32559

An integer overflow exists in pywin32 prior to version b301 when adding an access control entry ACE to an access control list ACL that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process...

PowerHuntShares - Audit Script Designed In Inventory, Analyze, And Report Excessive Privileges Configured On Active Directory Domains

PowerHuntShares is design to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain joined computers. It is intented to help IAM and other blue teams gain a better understand of their SMB Share attack surface and provides data insights t...

GHSA-HWFP-HG2M-9VR2 Integer overflow in pywin32

An integer overflow exists in pywin32 prior to version b301 when adding an access control entry ACE to an access control list ACL that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process...

CVE-2021-32559

An integer overflow exists in pywin32 prior to version b301 when adding an access control entry ACE to an access control list ACL that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process...

PYSEC-2021-112

An integer overflow exists in pywin32 prior to version b301 when adding an access control entry ACE to an access control list ACL that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process...

CVE-2021-32559

The CVE-2021-32559 entry relates to an integer overflow in pywin32 prior to version b301 when adding an access control entry (ACE) to an ACL, potentially causing the ACL size to exceed 65535 bytes. The concrete impact described is that a successfully exploited vulnerability could crash the vulner...

pywin32 输入验证错误漏洞

pywin32 is a software application. It provides access to many Windows APIs from Python. A security vulnerability exists in pywin32 that stems from an integer overflow in pywin32 that results in a size greater than 65535 bytes when adding an access control entry ACE to an access control list ACL. ...