Lucene search
+L

57 matches found

susecve
susecve
added 2025/06/06 2:25 a.m.5 views

SUSE CVE-2025-0620

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

6.8CVSS6.6AI score0.00616EPSS
Exploits0References4
cnnvd
cnnvd
added 2025/06/06 12:0 a.m.5 views

Samba 安全漏洞

Samba is a Samba open source suite of standard Windows interoperability programs for Linux and Unix. A security vulnerability exists in Samba that stems from the smbd service not updating group membership, which could lead to exposed file shares...

4.9CVSS6.3AI score0.00616EPSS
Exploits0References5
osv
osv
added 2025/06/03 12:0 a.m.4 views

UBUNTU-CVE-2025-0620

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again...

4.9CVSS5.7AI score0.00616EPSS
Exploits0References4
packetstorm
packetstorm
added 2024/08/31 12:0 a.m.144 views

Microsoft Windows Deployment Services Unattend Gatherer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows Deployment Services Unattend Gatherer', 'Description' = %q This module will search remote file shares for unattended installati...

7.4AI score
Exploits0
thn
thn
added 2024/07/12 2:51 p.m.32 views

DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign

Cybersecurity researchers have shed light on a short-lived DarkGate malware campaign that leveraged Samba file shares to initiate the infections. Palo Alto Networks Unit 42 said the activity spanned the months of March and April 2024, with the infection chains using servers running public-facing...

7AI score
Exploits0
ptsecurity
ptsecurity
added 2024/05/28 12:0 a.m.4 views

PT-2024-40991 · Suse · Suse Linux Enterprise 15 Sp5 Azure Kernel

Name of the Vulnerable Software and Affected Versions: SUSE Linux Enterprise 15 SP5 Azure kernel affected versions not specified Description: The issue concerns a regression with kerberized nfs4 shares. This update fixes the regression and includes various security bugfixes. Recommendations: At t...

7AI score
Exploits0References5
osv
osv
added 2024/05/20 6:15 p.m.3 views

CVE-2023-49332

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares...

8.8CVSS5.8AI score0.03005EPSS
Exploits0References1
cve
cve
added 2024/05/20 5:45 p.m.78 views

CVE-2023-49332

Zoho ManageEngine ADAudit Plus versions below 7271 are vulnerable to SQL injection when adding file shares. The root cause is an injection flaw in the file share addition workflow, enabling high-privilege impact (C/H/I/H with NETWORK attack surface per the CVE metrics). Red Hat and CVE databases ...

8.8CVSS7.9AI score0.03005EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2024/05/20 5:45 p.m.15 views

CVE-2023-49332

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares...

8.3CVSS8AI score0.03005EPSS
Exploits0References1
cvelist
cvelist
added 2024/05/20 5:45 p.m.26 views

CVE-2023-49332

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares...

8.3CVSS8.8AI score0.03005EPSS
Exploits0References1
kitploit
kitploit
added 2022/02/17 11:30 a.m.82 views

Snaffler - A Tool For Pentesters To Help Find Delicious Candy

Snaffler is a tool for pentesters to help find delicious candy needles creds mostly, but it's flexible in a bunch of horrible boring haystacks a massive Windows/AD environment. It might also be useful for other people doing other stuff, but it is explicitly NOT meant to be an "audit" tool. I don'...

7AI score
Exploits0References5
cnnvd
cnnvd
added 2021/12/23 12:0 a.m.6 views

Apple macOS High Sierra 安全漏洞

Apple macOS High Sierra is a proprietary operating system developed by Apple for Mac computers. Apple macOS High Sierra is vulnerable to a security flaw that could be exploited by attackers to execute non-executable text files via SMB shares...

7.8CVSS5.7AI score0.00234EPSS
Exploits0References3
openvas
openvas
added 2021/11/11 12:0 a.m.18 views

Mozilla Firefox Security Advisory (MFSA2012-37) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

2.9CVSS9.5AI score0.00463EPSS
Exploits0References3
malwarebytes
malwarebytes
added 2021/07/23 6:6 p.m.87 views

CNA legal filings lift the curtain on a Phoenix CryptoLocker ransomware attack

Two months after fully restoring its systems, CNA Financial, the leading US insurance company that was attacked by a group using Phoenix CryptoLocker ransomware, issued a legal notice of an information security incident to the Consumer Protection Bureau in New Hampshire. You may recall that Phoen...

7.4AI score
Exploits0
thn
thn
added 2021/05/25 7:37 a.m.516 views

New High-Severity Vulnerability Reported in Pulse Connect Secure VPN

Ivanti, the company behind Pulse Secure VPN appliances, has published a security advisory for a high severity vulnerability that may allow an authenticated remote attacker to execute arbitrary code with elevated privileges. "Buffer Overflow in Windows File Resource Profiles in 9.X allows a remote...

10CVSS0.9AI score0.69377EPSS
Exploits9
threatpost
threatpost
added 2019/10/15 9:1 p.m.59 views

On-Board 'Mystery Boxes' Threaten Global Shipping Vessels

Commercial shipping environments are rife with vulnerabilities, according to researchers – up to and including unpatched “mystery boxes” that no one knows anything about. “In every single nautical pen test to date we have unearthed a system or device, that of the few crew that were aware, no one...

Exploits0References6
carbonblack
carbonblack
added 2019/05/08 5:0 p.m.104 views

8 Live Queries That Will Speed Up Your Next PCI Audit

It’s no secret that kicking off any kind of compliance audit can be a slow, tedious project. This is especially true when it comes to performing a pre-assessment gap analysis for PCI-DSS. Ask any qualified security assessor QSA, and they’ll tell you that the data gathering, scoping, and gap...

0.1AI score
Exploits0
osv
osv
added 2018/07/16 2:29 p.m.7 views

CVE-2014-2079

X File Explorer aka xfe might allow local users to bypass intended access restrictions and gain access to arbitrary files by leveraging failure to use directory masks when creating files on Samba and NFS shares...

5.5CVSS5.6AI score
Exploits0References10
kitploit
kitploit
added 2018/05/31 1:44 p.m.21 views

Sharesniffer - Network Share Sniffer And Auto-Mounter For Crawling Remote File Systems

sharesniffer is a network analysis tool for finding open and closed file shares on your local network. It includes auto-network discovery and auto-mounting of any open cifs and nfs shares. How to use Example to find all hosts in 192.168.56.0/24 network and auto-mount at /mnt: python sniffshares.p...

7.2AI score
Exploits0References1
kitploit
kitploit
added 2018/02/07 1:0 p.m.27 views

Grouper - A PowerShell script for helping to find vulnerable settings in AD Group Policy

Grouper is a slightly wobbly PowerShell module designed for pentesters and redteamers although probably also useful for sysadmins which sifts through the usually very noisy XML output from the Get-GPOReport cmdlet part of Microsoft's Group Policy module and identifies all the settings defined in...

6.6AI score
Exploits0References1
Rows per page
Query Builder