Lucene search
+L

249 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-6243

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00335EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/14 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-27233

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl...

5.7CVSS6.1AI score0.0016EPSS
Exploits0References3
NVD
NVD
added 2025/09/12 11:15 a.m.12 views

CVE-2025-27233

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...

5.7CVSS0.0016EPSS
Exploits0References1
OSV
OSV
added 2025/09/12 11:15 a.m.26 views

UBUNTU-CVE-2025-27233

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system...

5.7CVSS5.8AI score0.0016EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/07 12:31 a.m.10 views

CVE-2025-29745

A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file...

7.5CVSS6AI score0.00402EPSS
Exploits0References1
NVD
NVD
added 2025/08/05 3:15 p.m.7 views

CVE-2025-29745

A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file...

7.5CVSS0.00402EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/05 12:0 a.m.5 views

CVE-2025-29745

A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file...

6.1AI score0.00402EPSS
Exploits0References2
CVE
CVE
added 2025/08/05 12:0 a.m.20 views

CVE-2025-29745

CVE-2025-29745 affects the scanning module of Emsisoft Anti-Malware older than 2024.12. The vulnerability allows a remote attacker to obtain Net-NTLMv2 hash information by supplying a specially crafted A2S (Emsisoft Custom Scan) extension file. Affected product: Emsisoft Anti-Malware; vulnerable ...

7.5CVSS6.7AI score0.00402EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.9 views

PT-2025-31932 · Emsisoft · Emsisoft Anti-Malware

Name of the Vulnerable Software and Affected Versions: Emsisoft Anti-Malware versions prior to 2024.12 Description: A vulnerability in the scanning module of Emsisoft Anti-Malware allows attackers on a remote server to obtain Net-NTLMv2 hash information by using a specially crafted A2S Emsisoft...

7.5CVSS6.5AI score0.00402EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/08/05 12:0 a.m.13 views

CVE-2025-29745

A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S Emsisoft Custom Scan extension file...

0.00402EPSS
Exploits0References2
OSV
OSV
added 2025/06/11 1:15 a.m.5 views

CVE-2024-1243 Remote code execution and local privilege escalation in Wazuh Windows agent via NetNTLMv2 hash theft

Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for...

9.5CVSS7.8AI score0.00545EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 9:30 a.m.10 views

CVE-2024-33881

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter...

7.5CVSS5.2AI score0.00475EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:16 a.m.7 views

CVE-2022-45194

CBRN-Analysis before 22 allows XXE attacks via am mws XML document, leading to NTLMv2-SSP hash disclosure...

4.7CVSS6.9AI score0.00399EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 p.m.8 views

CVE-2022-25166

An issue was discovered in Amazon AWS VPN Client 2.0.0. It is possible to include a UNC path in the OpenVPN configuration file when referencing file paths for parameters such as auth-user-pass. When this file is imported and the client attempts to validate the file path, it performs an open...

5CVSS6.6AI score0.0145EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:5 a.m.5 views

CVE-2019-1338

A security feature bypass vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLMv2 protection if a client is also sending LMv2 responses, aka 'Windows NTLM Security Feature Bypass Vulnerability'...

5.9CVSS6.5AI score0.03319EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:58 a.m.9 views

CVE-2018-20298

S3 Browser before 8.1.5 contains an XML external entity XXE vulnerability, allowing remote attackers to read arbitrary files and obtain NTLMv2 hash values by tricking a user into connecting to a malicious server via the S3 protocol...

6.5CVSS7.1AI score0.01399EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2025/04/03 12:0 a.m.344 views

Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure

Exploit Title: Microsoft Office 2019 MSO Build 1808 - NTLMv2 Hash Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.office.com/ Software Link: https://www.office.com/ Details: https://github.com/passtheticket/CVE-2024-38200 Version: Microsoft Office 2019 MSO Build 1808...

9.1CVSS6.8AI score0.20296EPSS
Exploits2
GithubExploit
GithubExploit
added 2025/03/27 2:36 p.m.307 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2025-24071 / CVE-2025-24054 PoC Edit: MICROSOFT HAS BEE...

6.5CVSS7.8AI score0.58974EPSS
Exploits35
RedhatCVE
RedhatCVE
added 2025/03/09 11:42 a.m.10 views

CVE-2025-1887

SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to obtain NTLMv2-SSP Hash by changing any of the paths to a UNC path pointing to a server controlled by the attacker...

7.1CVSS6.6AI score0.00335EPSS
Exploits0References3
NVD
NVD
added 2025/03/07 11:15 a.m.22 views

CVE-2025-1887

SMB forced authentication vulnerability in versions prior to 2025.35.000 of Sage 200 Spain. This vulnerability allows an authenticated attacker with administrator privileges to obtain NTLMv2-SSP Hash by changing any of the paths to a UNC path pointing to a server controlled by the attacker...

7.1CVSS0.00335EPSS
Exploits0References1
Rows per page
Query Builder