CLSA-2026-1779358660 curl: Fix of 2 CVEs

CVE-2026-5773: wrong reuse of SMB connection; disable connection reuse for SMBS so a subsequent transfer cannot wrongfully reuse a pooled connection to a different share - CVE-2026-6276: clear stale custom-Host cookiehost between requests on the same easy handle cookie leak across origins...

CLSA-2026-1779358008 Fix CVE(s): CVE-2026-5773

SECURITY UPDATE: libcurl may reuse the wrong connection for SMBS transfers, leading to access of an unintended SMB share with the same credentials. - debian/patches/CVE-2026-5773.patch: disable connection reuse for SMBS in lib/url.c by returning early from ConnectionExists when the requested...

CLSA-2026-1779098432 Fix CVE(s): CVE-2026-5773

SECURITY UPDATE: wrong SMB connection reused due to missing share comparison - debian/patches/CVE-2026-5773.patch: disable connection reuse for SMBS by replacing connkeep with connclose in smbconnect lib/smb.c - CVE-2026-5773...

SUSE-SU-2026:0903-1 Security update for curl

This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. - CVE-2026-3783: token leak with redirect and netrc bsc1259363. - CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. - CVE-2026-3805: use after free in SMB...

CVE-2025-35061

Newforma Info Exchange NIX '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the user-configured NIX service account...

CVE-2025-35057

Newforma Info Exchange NIX '/RemoteWeb/IntegrationServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the NIX service account...

EUVD-2025-33569

Newforma Info Exchange NIX '/UserWeb/Common/MarkupServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the customer-configured NIX service account...

CVE-2025-35058

Newforma Info Exchange NIX '/UserWeb/Common/MarkupServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the customer-configured NIX service account...

CVE-2025-35061

Newforma Info Exchange (NIX) is affected via the NPCSRemoteWeb/LegacyIntegrationServices.asmx endpoint. An unauthenticated remote attacker can cause NIX to initiate an SMB connection to a system under attacker control, enabling capture of the NTLMv2 hash of the NIX service account. This informati...

CVE-2025-35057 Newforma Info Exchange (NIX) forced NTLMv2 authentication via /RemoteWeb/IntegrationServices.ashx

Newforma Info Exchange NIX '/RemoteWeb/IntegrationServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the NIX service account...

PT-2025-41477

Name of the Vulnerable Software and Affected Versions Newforma Info Exchange NIX affected versions not specified Description Newforma Info Exchange NIX contains a flaw in the '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' endpoint that allows a remote, unauthenticated attacker to force NIX to...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2025-24071 This Python script is designed to demonstrate...

SMB Windows Full Build Number

Gets the full build number of a Windows operating system using PowerShell via SMB. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if descripti...

Linux Distros Unpatched Vulnerability : CVE-2018-10583

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection...

TeamViewer Unquoted URI Handler SMB Redirect

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TeamViewer Unquoted URI Handler SMB Redirect', 'Description' = %q This module exploits an unquoted parameter call within the Teamviewer URI handl...

Exploit for Improper Input Validation in Microsoft

A Simple PoC in PowerShell for CVE-2023-23397 CVE-2023-23397...

SUSE: Security Advisory (SUSE-SU-2018:3683-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : libreoffice (EulerOS-SA-2020-2551)

According to the versions of the libreoffice packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not valida...

TeamViewer Unquoted URI Handler SMB Redirect

This module exploits an unquoted parameter call within the Teamviewer URI handler to create an SMB connection to an attacker controlled IP. TeamViewer use auxiliary/server/teamviewerurismbredirect msf auxiliaryteamviewerurismbredirect show actions ...actions... msf auxiliaryteamviewerurismbredire...

CVE-2019-18213

XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF as well as SMB connection initiation that can lead to NetNTLM challenge/response captu...