Lucene search
+L

297 matches found

nvd
nvd
added yesterday8 views

CVE-2026-8919

Permissive Cross-domain Security Policy with Untrusted Domains in ASUS GameSDK allows a remote user to obtain a local user’s NTLM hash by convincing the user to visit a crafted web page that sends a request containing a UNC path to the application’s local service endpoint. This can result in...

7.2CVSS0.00264EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/29 9:20 a.m.9 views

CVE-2026-56766

A flaw was found in Hydra. A malicious server can exploit a stack buffer overflow vulnerability in the NTLM authentication modules by sending a specially crafted NTLM Type-2 challenge. This can lead to an overflow of a stack buffer, potentially enabling remote code execution on systems that lack...

8.8CVSS6.5AI score0.01325EPSS
Exploits2References5
susecve
susecve
added 2026/06/27 1:52 a.m.8 views

SUSE CVE-2026-56766

Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an...

8.8CVSS6.6AI score0.01325EPSS
Exploits2References3
nvd
nvd
added 2026/06/25 7:16 p.m.12 views

CVE-2026-56766

Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an...

8.8CVSS0.01325EPSS
Exploits2References2
cvelist
cvelist
added 2026/06/25 6:1 p.m.33 views

CVE-2026-56766 Hydra - Stack Buffer Overflow in NTLM Authentication Handler

Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an...

8.8CVSS0.01325EPSS
Exploits2References2
vulnrichment
vulnrichment
added 2026/06/15 1:55 p.m.12 views

CVE-2026-6517 Mattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passed

Mattermost Desktop App versions =6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded to in the Mattermost Desktop App which allows any user on a server without the image proxy enabled to intercept other users credentials via embedding an image that...

6.3CVSS5.2AI score0.00187EPSS
Exploits0References1
cve
cve
added 2026/06/15 1:55 p.m.32 views

CVE-2026-6517

Mattermost Desktop App (versions

7.7CVSS5.3AI score0.00187EPSS
Exploits0References1Affected Software1
osv
osv
added 2026/06/15 1:55 p.m.3 views

CVE-2026-6517 Mattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passed

Mattermost Desktop App versions =6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded to in the Mattermost Desktop App which allows any user on a server without the image proxy enabled to intercept other users credentials via embedding an image that...

6.3CVSS6AI score0.00187EPSS
Exploits0References3
osv
osv
added 2026/06/12 6:23 p.m.13 views

GHSA-7QMG-GRCP-QF25 GeoServer has an arbitrary file write vulnerability in its Master Password Dump Page

Summary A vulnerability exists that allows an authenticated administrator with access to GeoServer's security system to pass arbitrary file names to the Master Password Dump web page and create files containing the master password in plaintext. The provided file name must be an absolute path to t...

7.2CVSS6.2AI score0.58974EPSS
Exploits20References6
euvd
euvd
added 2026/06/09 6:31 p.m.10 views

EUVD-2026-35529

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.4AI score0.00662EPSS
Exploits0References2
nvd
nvd
added 2026/06/09 5:17 p.m.35 views

CVE-2026-50508

Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...

7.5CVSS0.00662EPSS
Exploits0References1
nvd
nvd
added 2026/06/02 12:16 p.m.15 views

CVE-2026-8993

D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate full NTLM autentication or SMB connection to attacker infrastructure and to conduct SSRF Server Side...

6.5CVSS0.00225EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/02 11:13 a.m.17 views

CVE-2026-8993

D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate full NTLM autentication or SMB connection to attacker infrastructure and to conduct SSRF Server Side...

6.5CVSS5.8AI score0.00225EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/06/02 12:0 a.m.10 views

DITEC D.Launcher 2 安全漏洞

DITEC D.Launcher 2 is an electronic signature component and integration client developed by DITEC Corporation. DITEC D.Launcher 2 has a security vulnerability. This vulnerability stems from the application registering multiple custom URL handlers. It may allow attackers to exploit these handlers ...

6.5CVSS5.5AI score0.00225EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP. In versions prior to 2.7.0, NT LAN Manager NTLM authentication does not properly abort when someone provides an empty password value. This issue affects FreeRDP-based RDP Server implementations. RDP clients are not affected. The...

9.1CVSS7.8AI score0.02752EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2026/05/08 12:0 a.m.14 views

PT-2026-39201

Name of the Vulnerable Software and Affected Versions SolidCAM-GPPL-IDE versions 1.0.0 through 1.0.1 Description The GpplDocumentLinkHandler resolves the filename directive in GPPL postprocessor files into clickable links. The handler accepts arbitrary absolute, relative, UNC, and subfolder paths...

5.1CVSS5.9AI score0.00454EPSS
Exploits0References5
githubexploit
githubexploit
added 2026/04/30 4:31 a.m.153 views

Exploit for Improper Authentication in Microsoft

CVE-2026-24294 - Local NTLM Reflection LPE via SMB Arbitrary P...

7.8CVSS5.6AI score0.02762EPSS
Exploits1
redhatcve
redhatcve
added 2026/04/29 1:50 p.m.7 views

CVE-2026-32952

A flaw was found in the go-ntlmssp package. A remote attacker could exploit this vulnerability by sending a specially crafted NTLM NT LAN Manager challenge message. This malicious message can trigger a slice out of bounds panic, leading to a Denial of Service DoS by crashing any Go process that...

7.5CVSS5.4AI score0.01027EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2026/04/24 12:0 a.m.8 views

CVE-2026-32952

go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can causes an slice out of bounds panic, which can crash any Go process using ntlmssp.Negotiator as an HTTP transport. Version 0.1.1 patches the issue...

7.5CVSS5.8AI score0.01027EPSS
Exploits0References1
osv
osv
added 2026/04/23 9:21 p.m.7 views

GHSA-PJCQ-XVWQ-HHPJ go-ntlmssp NTLM challenges can panic on malformed payloads

go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can causes an slice out of bounds panic, which can crash any Go process using ntlmssp.Negotiator as an HTTP transport. Version 0.1.1 patches the issue...

5.3CVSS5.8AI score0.01027EPSS
Exploits0References4
Rows per page
Query Builder