PT-2026-40234

Name of the Vulnerable Software and Affected Versions Windows Server versions prior to May 12, 2026 Description A stack-based buffer overflow exists in the Windows Netlogon service, specifically within the MS-NRPC handler. This issue allows an unauthenticated remote attacker to execute arbitrary...

CVE-2025-66413

Git for Windows is the Windows port of Git. Prior to 2.53.02, it is possible to obtain a user's NTLM hash by tricking them into cloning from a malicious server. Since NTLM hashing is weak, it is possible for the attacker to brute-force the user's account name and password. This vulnerability is...

MiracleLinux 9 : samba-4.16.4-103.el9 (AXSA:2023-5319:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5319:06 advisory. samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided CVE-2022-38023 Tenable has extracted the preceding description block directly from...

MiracleLinux 7 : samba-4.10.16-24.0.1.el7.AXS7 (AXSA:2023-5216:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5216:04 advisory. samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided CVE-2022-38023 Tenable has extracted the preceding description block directly from...

MiracleLinux 8 : samba-4.16.4-4.el8 (AXSA:2023-5154:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5154:02 advisory. samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided CVE-2022-38023 Tenable has extracted the preceding description block directly from...

CLSA-2025-1766567499 Fix CVE(s): CVE-2020-1472

SECURITY UPDATE: elevation of privilege vulnerability - debian/patches/CVE-2020-1472.patch: fix vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NRPC - CVE-2020-1472...

EUVD-2025-84343

A local server-side request forgery SSRF security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes...

Security update for samba

This update for samba fixes the following issues: CVE-2025-9640: Fixed uninitialized memory disclosure via vfsstreamsxattr bsc1251279. CVE-2025-10230: Fixed command Injection in WINS server hook script bsc1251280. Update to 4.21.8: netrLogonSamLogonEx returns NRSTATUSACCESSDENIED with...

EUVD-2015-0043

Malware in sbrugna...

EUVD-2019-9981

Malware in sbrugna...

EUVD-2015-2467

Malware in sbrugna...

EUVD-2016-4332

Malware in sbrugna...

EUVD-2019-9605

Malware in sbrugna...

EUVD-2019-9941

Malware in sbrugna...

EUVD-2016-3214

Malware in sbrugna...

Exploit for CVE-2020-1472

ZeroLogon-CVE-2020-1472 Explicação e demonstração da vulnerabi...

EUVD-2023-31975

Malicious code in bioql PyPI...

EUVD-2023-25895

Malicious code in bioql PyPI...

EUVD-2023-25694

Malicious code in bioql PyPI...

EUVD-2024-37792

Malicious code in bioql PyPI...