CVE-2021-20164

Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses credentials for the smb functionality of the device. Usernames and passwords for all smb users are revealed in plaintext on the smbserver.asp page...

CVE-2020-0796

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 SMBv3 protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'...

CVE-2020-1301

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 SMBv1 server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'...

CVE-2020-1284

A denial of service vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 SMBv3 protocol handles certain requests, aka 'Windows SMBv3 Client/Server Denial of Service Vulnerability'...

CVE-2019-0786

An elevation of privilege vulnerability exists in the Microsoft Server Message Block SMB Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine, aka 'SMB Server Elevation of Privilege Vulnerability'...

SUSE CVE-2025-37954

In the Linux kernel, the following vulnerability has been resolved: smb: client: Avoid race in opencacheddir with lease breaks A pre-existing valid cfid returned from findorcreatecacheddir might race with a lease break, meaning opencacheddir doesn't consider it valid, and thinks it's...

The vulnerability of the macOS operating system’s Shortcuts component allows a hacker to bypass existing security restrictions and execute arbitrary code.

The vulnerability of the macOS operating system’s Shortcuts component is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute arbitrary code by sending specially crafted...

DEBIAN-CVE-2025-37954

In the Linux kernel, the following vulnerability has been resolved: smb: client: Avoid race in opencacheddir with lease breaks A pre-existing valid cfid returned from findorcreatecacheddir might race with a lease break, meaning opencacheddir doesn't consider it valid, and thinks it's...

The vulnerability in the implementation of the Server Message Block (SMB) protocol in Windows operating systems allows a perpetrator to disclose protected information.

The vulnerability of the Server Message Block SMB protocol in Windows operating systems is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the protocol...

CVE-2025-29956

Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network...

kernel: smb: client: fix possible double free in smb2_set_ea()

A doubly freeing memory vulnerability exists in the Linux kernel smb client. After the first successful memory allocation for 'ea', the second memory release for 'ea' will result in double free, leading to loss of availability of the system...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifsdumpfullkey CVE-2024-35866 In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree...

Microsoft Windows SMB Client 安全漏洞

Microsoft Windows SMB Client is an application from Microsoft Corporation USA. An SMB client. A security vulnerability exists in Microsoft Windows SMB Client. An attacker exploiting this vulnerability could gain access to sensitive information. The following products and editions are...

PT-2025-22215

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition in the Linux kernel's SMB client can occur when a pre-existing valid cfid returned from find or create cached dir might race with a lease break. This can cause open cach...

Do Not Enable the Samba Service

The daemon of Samba allows the system administrator to configure the Linux system to share file systems and directories with Windows systems. Samba publishes file systems and directories through the Server Message Block SMB protocol. Windows users will be able to mount these directories and file...

SMB to HTTP relay version of Get NAA Creds

This module creates an SMB server and then relays the credentials passed to it to SCCM's HTTP server aka Management Point to gain an authenticated connection. Once authenticated it then attempts to retrieve the Network Access Accounts, if configured, from the SCCM server. This requires a computer...

SUSE CVE-2025-37750

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 "smb: client: allocate crypto only for primary server" and commit b0abcd65ec54 "smb: client: fix UAF in async decryption", the channels started reusin...

UBUNTU-CVE-2025-37778

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix dangling pointer in krbauthenticate krbauthenticate frees sess-user and does not set the pointer to NULL. It calls ksmbdkrb5authenticate to reinitialise sess-user but that function may return without doing so. If that...

UBUNTU-CVE-2025-37750

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 "smb: client: allocate crypto only for primary server" and commit b0abcd65ec54 "smb: client: fix UAF in async decryption", the channels started reusin...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in multi-channel decryption in the smb client...