Lucene search
+L

346 matches found

Packet Storm
Packet Storm
added 2025/05/01 12:0 a.m.91 views

📄 Microsoft Windows XRM-MS NTLM Hash Disclosure

Microsoft Windows suffers from another NTLM hash disclosure vulnerability. This time it is related to the xrm-ms file type. + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: https://hyp3rlinx.altervista.org/advisories/MicrosoftWindowsxrm-msFileNTLM-HashDisclosure.tx...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2025/05/01 12:0 a.m.326 views

Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing

Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: https://hyp3rlinx.altervista.org/advisories/MicrosoftWindowsxrm-msFileNTLM-HashDisclosure.txt x.com/hyp3rlinx ISR: ApparitionSec Vendor www.microsoft.com Product .xrm-ms File Type Vulnerability Type NTLM Hash...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/04/02 11:24 p.m.8 views

CVE-2025-30444

A race condition was addressed with improved locking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Mounting a maliciously crafted SMB network share may lead to system termination...

9.8CVSS5.8AI score0.00715EPSS
Exploits0References1
NVD
NVD
added 2025/03/31 11:15 p.m.9 views

CVE-2025-30444

A race condition was addressed with improved locking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Mounting a maliciously crafted SMB network share may lead to system termination...

9.8CVSS0.00715EPSS
Exploits0References6
CVE
CVE
added 2025/03/31 10:22 p.m.78 views

CVE-2025-30444

CVE-2025-30444 is a race condition in macOS that was addressed by improved locking. It is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, and macOS Sonoma 14.7.5. The issue can be triggered by mounting a maliciously crafted SMB network share and may lead to system termination. The provided doc...

9.8CVSS5.8AI score0.00715EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/31 10:22 p.m.7 views

CVE-2025-30444

A race condition was addressed with improved locking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Mounting a maliciously crafted SMB network share may lead to system termination...

5.8AI score0.00715EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/31 10:22 p.m.19 views

CVE-2025-30444

A race condition was addressed with improved locking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Mounting a maliciously crafted SMB network share may lead to system termination...

0.00715EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/03/31 12:0 a.m.3 views

PT-2025-13976 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.5 macOS Sequoia versions prior to 15.4 macOS Sonoma versions prior to 14.7.5 Description: A race condition was addressed with improved locking. Mounting a maliciously crafted SMB network share may lead to system...

9.8CVSS5.7AI score0.00715EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.6 views

Apple macOS 竞争条件问题漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that originates from mounting a specially crafted SMB network share could result in system termination...

9.8CVSS6.2AI score0.00715EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/03/17 2:17 p.m.7 views

SUSE CVE-2025-2312

A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache...

6.5CVSS6.5AI score0.00149EPSS
Exploits0References18
OSV
OSV
added 2024/12/04 2:15 a.m.6 views

CVE-2024-40717

A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution RCE by updating existing jobs. These jobs can be configured to run pre- and post-scripts, which can be located on a network share and are executed with elevated privilege...

8.8CVSS6.5AI score0.00738EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/04 1:6 a.m.13 views

CVE-2024-40717

A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution RCE by updating existing jobs. These jobs can be configured to run pre- and post-scripts, which can be located on a network share and are executed with elevated privilege...

8.8CVSS8.3AI score0.00738EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/04 1:6 a.m.29 views

CVE-2024-40717

A vulnerability in Veeam Backup & Replication allows a low-privileged user with certain roles to perform remote code execution RCE by updating existing jobs. These jobs can be configured to run pre- and post-scripts, which can be located on a network share and are executed with elevated privilege...

8.8CVSS0.00738EPSS
Exploits0References1
CVE
CVE
added 2024/12/04 1:6 a.m.88 views

CVE-2024-40717

CVE-2024-40717 affects Veeam Backup & Replication (12.x prior to 12.3.0.310). A low-privileged user with certain roles can update an existing job and configure pre/post scripts (potentially on a network share) that run with elevated privileges, enabling remote code execution by scheduling near-im...

8.8CVSS8.3AI score0.00738EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blog
added 2024/10/24 6:16 p.m.33 views

Butterfly has path/URL confusion in resource handling leading to multiple weaknesses

Summary The Butterfly framework uses the java.net.URL class to refer to what are expected to be local resource files, like images or templates. This works: "opening a connection" to these URLs opens the local file. However, if a file:/ URL is directly given where a relative path resource name is...

9.1CVSS7AI score0.01602EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/08/08 10:9 p.m.19 views

USN-6950-1 linux, linux-aws, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...

9.8CVSS6.5AI score0.01305EPSS
Exploits2References51
NVD
NVD
added 2024/07/02 6:15 p.m.22 views

CVE-2024-39206

An issue discovered in MSP360 Backup Agent v7.8.5.15 and v7.9.4.84 allows attackers to obtain network share credentials used in a backup due to enginesettings.list being encrypted with a hard coded key...

7.5CVSS0.00475EPSS
Exploits0References1
Citrix
Citrix
added 2024/07/02 12:0 a.m.11 views

Citrix CDFControl Service How to Save Logs On A UNC Network Share

Sometimes it may be necessary to save trace data to a shared network folder, for example, crash/hang issues with non-persistent VDAs or due to local disk space constraints...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/07/02 12:0 a.m.5 views

PT-2024-28386 · Msp360 · Msp360 Backup Agent

Name of the Vulnerable Software and Affected Versions: MSP360 Backup Agent versions 7.8.5.15 through 7.9.4.84 Description: An issue in the software allows attackers to obtain network share credentials used in a backup. This is due to the enginesettings.list being encrypted with a hard-coded key...

7.5CVSS6.8AI score0.00475EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/02 12:0 a.m.8 views

CVE-2024-39206

An issue discovered in MSP360 Backup Agent v7.8.5.15 and v7.9.4.84 allows attackers to obtain network share credentials used in a backup due to enginesettings.list being encrypted with a hard coded key...

7AI score0.00475EPSS
Exploits0References1
Rows per page
Query Builder