Oracle Linux 10 : kernel (ELSA-2025-13598)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-13598 advisory. - wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds - CVE-2025-38159 - Revert 'smb: client: fix TCP timers deadlock after rmmod'...

CVE-2025-50169

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB allows an unauthorized attacker to execute code over a network...

SMB Fetch

Fetch and execute an x64 payload from an SMB server. Module Options msf use payload/cmd/windows/smb/x64/downloadexec msf payloaddownloadexec show actions ...actions... msf payloaddownloadexec set ACTION msf payloaddownloadexec show options ...show and set options... msf payloaddownloadexec run Th...

USN-7685-5: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; - SMB network file syste...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

NTLM/SMB Hardening & Threat Hunt Toolkit Author: w01f...

CVE-2025-50169

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB allows an unauthorized attacker to execute code over a network...

CVE-2025-50169 Windows SMB Remote Code Execution Vulnerability

...

CVE-2025-50169 Windows SMB Remote Code Execution Vulnerability

...

CVE-2025-50169

CVE-2025-50169 is a Windows SMB remote code execution vulnerability driven by a race condition in the SMB server where concurrent access to a shared resource is improperly synchronized. Publicly disclosed details in the provided documents confirm: the flaw exists in Windows SMB and enables code e...

Windows SMB Remote Code Execution Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB allows an unauthorized attacker to execute code over a network...

Linux Distros Unpatched Vulnerability : CVE-2025-21844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: Add check for nextbuffer in receiveencryptedstandard Add check for the return value of cifsbufget and cifssmallbufget in receiveencryptedstandard t...

Linux Distros Unpatched Vulnerability : CVE-2025-22077

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert smb: client: fix TCP timers deadlock after rmmod This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e9f2517a3e18 smb: client: fix TCP...

PT-2025-32792 · Microsoft · Windows Smb +1

Name of the Vulnerable Software and Affected Versions: Windows SMB affected versions not specified Description: Concurrent execution using a shared resource with improper synchronization a 'race condition' in Windows SMB allows an unauthorized attacker to execute code over a network...

PT-2025-34059

Name of the Vulnerable Software and Affected Versions: SMB affected versions not specified Description: A vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and th...

Linux Distros Unpatched Vulnerability : CVE-2023-29532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB...

Linux Distros Unpatched Vulnerability : CVE-2019-15918

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out- of-bounds read because data structures are incompletel...

PT-2025-36001

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's SMB3 implementation related to handling server interfaces during mounting to ksmbd. Specifically, a missing check in the parse server interfaces...

Linux Distros Unpatched Vulnerability : CVE-2025-38244

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix potential deadlock when reconnecting channels Fix cifssignalcifsdforreconnect to take the correct lock order and prevent the following deadloc...

Linux Distros Unpatched Vulnerability : CVE-2025-37750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix UAF in decryption with multichannel After commit f7025d861694 smb: client: allocate crypto only for primary server and commit b0abcd65ec54 smb:...

Linux Distros Unpatched Vulnerability : CVE-2022-47943

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of- bounds read and OOPS for SMB2WRITE, when there is a...