Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr...

CVE-2026-5131 Server-Side Request Forgery in GREENmod

GREENmod uses named pipes for communication between plugins, the web portal, and the system service, but the access control lists for these pipes are configured incorrectly. This allows an attacker to communicate with the stream and upload any XML or JSON file, which will be processed by the name...

CVE-2025-35058 Newforma Info Exchange (NIX) forced NTLMv2 authentication via /UserWeb/Common/MarkupServices.ashx

Newforma Info Exchange NIX '/UserWeb/Common/MarkupServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the customer-configured NIX service account...

EUVD-2014-2424

Malware in sbrugna...

EUVD-2021-13762

Malware in sbrugna...

EUVD-2006-6450

Malware in sbrugna...

CVE-2021-26989

Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 and 9.8 are susceptible to a vulnerability which could allow a remote authenticated attacker to cause a Denial of Service DoS on clustered Data ONTAP configured for SMB access...

CVE-2025-32103

CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows directory traversal via the /WebInterface/function/ URI to read files accessible by SMB at UNC share pathnames, bypassing SecurityManager restrictions...

CVE-2025-32103

CrushFTP is affected: versions 9.x through 11.3.1 contain a directory-traversal flaw accessible via the /WebInterface/function/ URI that can read files exposed by SMB UNC paths, bypassing SecurityManager restrictions. Impact: potential unauthorized reading of files outside the intended directory....

May 23, 2023—KB5026436 (OS Build 22000.2003) Preview

May 23, 2023—KB5026436 OS Build 22000.2003 Preview 3/28/23 IMPORTANT Starting in April 2023, optional, non-security preview updates will release on the fourth Tuesday of the month. For more information, see Windows monthly updates explained. For information about Windows update terminology, see t...

PT-2023-20375 · Dell · Dell Powerscale Onefs

Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 8.2.x through 9.4.x Description: The issue is related to an uncontrolled resource consumption vulnerability. A malicious network user with low privileges could potentially exploit this vulnerability in SMB,...

SUSE CVE-2007-5337

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs...

Oracle Solaris Critical Patch Update : jul2022_SRU11_4_45_119_2

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with networ...

CVE-2022-21524

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Oracle Solaris. Successful attacks of this vulnerability can...

Code injection

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Oracle Solaris. Successful attacks of this vulnerability can...

March 22, 2022—KB5011551 (OS Build 17763.2746) Preview

March 22, 2022—KB5011551 OS Build 17763.2746 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1809, see its update history page. Highlights Updates an...

Ntlm_Theft - A Tool For Generating Multiple Types Of NTLMv2 Hash Theft Files

A tool for generating multiple types of NTLMv2 hash theft files. ntlmtheft is an Open Source Python3 Tool that generates 21 different types of hash theft documents. These can be used for phishing when either the target allows smb traffic outside their network, or if you are already inside the...

CVE-2021-26989

Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 and 9.8 are susceptible to a vulnerability which could allow a remote authenticated attacker to cause a Denial of Service DoS on clustered Data ONTAP configured for SMB access...

Code injection

Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 and 9.8 are susceptible to a vulnerability which could allow a remote authenticated attacker to cause a Denial of Service DoS on clustered Data ONTAP configured for SMB access...

CVE-2021-26989

CVE-2021-26989 affects NetApp Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 and 9.8. A remote authenticated attacker could cause a Denial of Service in clustered Data ONTAP configured for SMB access. Connected sources reiterate impacted versions and DoS impact; some advisor...