CVE-2025-22037

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference when ksmbd is not assigned preauthinfo...

ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp

...

SUSE CVE-2024-50283

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3preauthhashrsp ksmbdusersessionput should be called under smb3preauthhashrsp. It will avoid freeing session before calling smb3preauthhashrsp...

DEBIAN-CVE-2024-50283

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3preauthhashrsp ksmbdusersessionput should be called under smb3preauthhashrsp. It will avoid freeing session before calling smb3preauthhashrsp...

UBUNTU-CVE-2024-50283

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3preauthhashrsp ksmbdusersessionput should be called under smb3preauthhashrsp. It will avoid freeing session before calling smb3preauthhashrsp...

CVE-2024-50283 ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3preauthhashrsp ksmbdusersessionput should be called under smb3preauthhashrsp. It will avoid freeing session before calling smb3preauthhashrsp...

DEBIAN-CVE-2024-46795

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...

AZL-49383 CVE-2024-46795 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...

UBUNTU-CVE-2024-46795

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...

Exploit for Code Injection in Gitlab

CVE-2021-22205 Preauth RCE via exiftool on Gitlab CE/EE...

Juniper SRX Firewalls&EX switches - PreAuth Remote Code Execution Exploit

Exploit Title: juniper-SRX-Firewalls&EX-switches PreAuth-RCE PoC Description: This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo function on the login page of the target device, allowing to inspect the PHP configuration. also this...

Juniper-SRX-Firewalls&EX-switches - (PreAuth-RCE) (PoC)

Exploit Title: juniper-SRX-Firewalls&EX-switches PreAuth-RCE PoC Description: This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo function on the login page of the target device, allowing to inspect the PHP configuration. also this...

CVE-2023-38320

An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a showpreauthpage NULL pointer dereference that can be triggered with a crafted GET HTTP with a missing User-Agent header. Triggering this issue results in crashing OpenNDS a Denial-of-Service condition. This problem...

Exploit for CVE-2023-38646

Poc-Metabase-Preauth-CVE-2023-38646 Ho to use? λ cve git...

Exploit for CVE-2023-38646

Poc-Metabase-Preauth-CVE-2023-38646 Ho to use? λ cve git...

Exploit for CVE-2023-38646

Poc-Metabase-Preauth-CVE-2023-38646 Ho to use? λ cve git...

CVE-2023-29382

An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdcpreauth.jsp component...

CVE-2023-29382

An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdcpreauth.jsp component...

Synacor Zimbra Collaboration Server 安全漏洞

Synacor Zimbra Collaboration Server ZCS is a suite of email and collaboration solutions from Synacor, USA. The solution provides email, contacts, calendaring, file sharing, social networking, and more. A security vulnerability exists in Synacor Zimbra Collaboration Server versions v.8.8.15 and...