CVE-2025-54101

Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network...

CVE-2025-54101

Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network...

CVE-2025-55234

CVE-2025-55234 (Windows SMB Relay Elevation of Privilege) : The vulnerability relates to SMB Server relay attacks that can escalate privileges when signing and EPA protections are not enabled. Public docs indicate SMB Server signing and Extended Protection for Authentication (EPA) exist as harden...

CVE-2025-55234 Windows SMB Elevation of Privilege Vulnerability

...

CVE-2025-55234 Windows SMB Elevation of Privilege Vulnerability

...

CVE-2025-54101

CVE-2025-54101: Use-after-free in Windows SMBv3 Client can lead to remote code execution by an authorized attacker over the network. The Connected documents confirm this SMBv3 Client issue and tie remediation to the September 2025 Windows updates that address SMB-related vulnerabilities (e.g., SM...

CVE-2025-54101 Windows SMB Client Remote Code Execution Vulnerability

...

CVE-2025-9065

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash...

CVE-2025-9065 Rockwell Automation ThinManager® Server-Side Request Forgery Vulnerability

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash...

Windows SMB Client Remote Code Execution Vulnerability

Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network...

PT-2025-36891

Name of the Vulnerable Software and Affected Versions Windows Server Message Block SMB versions prior to September 2025 Patch Tuesday Description The SMB Server may be susceptible to relay attacks depending on the configuration. Successful exploitation of this issue could allow an attacker to...

Microsoft SMBv3 资源管理错误漏洞

Microsoft SMBv3 is a support firmware from Microsoft Corporation USA that provides SMB functionality for devices. A resource management error vulnerability exists in Microsoft SMBv3. An attacker exploiting this vulnerability could remotely execute code. The following products and versions are...

PT-2025-36843

Name of the Vulnerable Software and Affected Versions: Windows SMBv3 Client affected versions not specified Description: A use-after-free issue exists in the Windows SMBv3 Client. This allows an authorized attacker to execute code over a network. The vulnerability enables remote attackers to...

KB5065509: Windows Server 2012 Security Update (September 2025)

The remote Windows host is missing security update 5065509. It is, therefore, affected by multiple vulnerabilities - SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make t...

KB5065430: Windows 10 LTS 1507 Security Update (September 2025)

The remote Windows host is missing security update 5065430. It is, therefore, affected by multiple vulnerabilities - SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make t...

KB5065429: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (September 2025)

The remote Windows host is missing security update 5065429. It is, therefore, affected by multiple vulnerabilities - SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make t...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: Avoid race in opencacheddir with lease breaks CVE-2025-37954 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: prevent overflow in lookup table allocation...

smb3: fix for slab out of bounds on mount to ksmbd

...

smb/server: avoid deadlock when linking with ReplaceIfExists

...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

SMBGhost Simple scanner for CVE-2020-0796 - SMBv3 RCE. The scanner is for meant only for testing whether a server is vulnerable. It is not meant for research or development, hence the fixed payload. It checks for SMB dialect 3.1.1 and compression capability through a negotiate request. A network...