CVE-2024-52885

CVE-2024-52885 affects the Mobile Access Portal File Share component (Check Point Mobile Access). A directory traversal flaw allows an authenticated user (authorized to at least one File Share app) to enumerate file names in directories accessible to the nobody user on the Mobile Access gateway. ...

CVE-2024-52885 Path Traversal

The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user authorized to at least one File Share application to list the file names of 'nobody'-accessible directories on the Mobile Access gateway...

CVE-2024-52885 Path Traversal

The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user authorized to at least one File Share application to list the file names of 'nobody'-accessible directories on the Mobile Access gateway...

PT-2025-32174 · Unknown · Mobile Access Portal File Share

Name of the Vulnerable Software and Affected Versions: Mobile Access Portal File Share application affected versions not specified Description: The Mobile Access Portal's File Share application is susceptible to a directory traversal attack. An authenticated, malicious end-user with authorization...

CVE-2025-0620

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

CVE-2025-0620

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

CVE-2025-0620

CVE-2025-0620 affects Samba (smbd) where group membership changes are not picked up during re-authentication of an expired SMB session, potentially exposing file shares until clients disconnect and reconnect. The issue is documented across multiple distributions; a practical remediation is upgrad...

CVE-2025-0620 Samba: smbd doesn't pick up group membership changes when re-authenticating an expired smb session

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

[ASA-202506-3] samba: access restriction bypass

Arch Linux Security Advisory ASA-202506-3 ========================================= Severity: Low Date : 2025-06-06 CVE-ID : CVE-2025-0620 Package : samba Type : access restriction bypass Remote : Yes Link : https://security.archlinux.org/AVG-2892 Summary ======= The package samba before version...

CVE-2023-21423

Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release 1 allows attacker to control BLE advertising without permission using unprotected action...

CVE-2021-32654

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.11, 20.0.10, and 21.0.2, an attacker is able to receive write/read privileges on any Federated File Share. Since public links can be added as federated file share, this can also be exploited on any public...

CVE-2019-1289

An elevation of privilege vulnerability exists when the Windows Update Delivery Optimization does not properly enforce file share permissions, aka 'Windows Update Delivery Optimization Elevation of Privilege Vulnerability'...

CVE-2025-21962 cifs: Fix integer overflow while processing closetimeo mount option

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option User-provided mount parameter closetimeo of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffi...

Linux Distros Unpatched Vulnerability : CVE-2022-41882

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. In version 3.6.0, if a user received a malicious file shar...

CVE-2024-52888 - Mobile Access File Share applications are vulnerable to stored XSS attacks

Symptoms - When an authenticated Mobile Access portal end-user browses to a File Share application, the portal may run a script while attempting to display a directory or some file's properties. Additionally, an authenticated attacker may store specially crafted file/dir names for other...

Zyxel VMG8825-T50K Buffer Overflow Vulnerability

The Zyxel VMG8825-T50K is an Internet access device from China's Hopkins Zyxel. The Zyxel VMG8825-T50K suffers from a buffer overflow vulnerability that originates from the USB file share handler improperly restricting operations within the memory buffer range. An authenticated attacker with...

Zyxel VMG8825-T50K 缓冲区错误漏洞

The Zyxel VMG8825-T50K is an Internet access device from China's Hopkins Zyxel. The Zyxel VMG8825-T50K suffers from a buffer overflow vulnerability that originates from the USB file share handler improperly restricting operations within the memory buffer range. An authenticated attacker with...

ROS-20231019-02

A vulnerability in Nextcloud cloud storage creation and utilization software is related to gaining write/read privileges on any file share. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges...

How to Copy a Virtual Machine From One Storage Repository to Another

This article describes how to copy a virtual machine VM from one type of storage repository to another. The example in this article shows how to copy a VM from local storage to Network File Share NFS storage...

How to Configure Windows 2003 Network File Share as Authenticated Storage Repository for XenServer

This document describes how to configure Windows Server 2003 Release 2 Server Network File Share NFS as an authenticated storage repository for XenServer. The NFS component is only included in Windows Server 2003 Release 2. If you do not have this edition, you can achieve the same results by...