Lucene search
K

137 matches found

NVD
NVD
added 2026/05/08 3:16 p.m.10 views

CVE-2026-43377

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...

8.1CVSS0.00248EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.8 views

Azure Linux 3.0 Security Update: samba (CVE-2017-12150)

The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-12150 advisory. - It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce SMB signin...

7.4CVSS5.5AI score0.13228EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.5 views

MiracleLinux 4 : samba-3.6.23-45.AXS4 (AXSA:2017-2303:05)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2303:05 advisory. A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file...

7.5CVSS8AI score0.13228EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2016-5006

Malware in sbrugna...

7.5CVSS7.6AI score0.00839EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-0918

Malware in sbrugna...

5.9CVSS5.9AI score0.00862EPSS
Exploits0References2
Information Security Automation
Information Security Automation
added 2025/07/13 12:26 p.m.41 views

About Elevation of Privilege – Windows SMB Client (CVE-2025-33073) vulnerability

About Elevation of Privilege - Windows SMB Client CVE-2025-33073 vulnerability. A vulnerability from the June Microsoft Patch Tuesday allows an attacker to execute a malicious script, forcing the victim's host to connect to the attacker's SMB server and authenticate, resulting in gaining SYSTEM...

8.8CVSS7.4AI score0.64987EPSS
Exploits6
OSV
OSV
added 2025/05/19 9:3 p.m.7 views

CLSA-2025-1747688581 kernel: Fix of 15 CVEs

media: uvcvideo: Fix double free in error path CVE-2024-57980 - vrf: use RCU protection in l3mdevl3out CVE-2025-21791 - geneve: Fix use-after-free in genevefinddev. CVE-2025-21858 - ibmvnic: Don't reference skb after sending to VIOS CVE-2025-21855 - pfifotailenqueue: Drop new packet when...

7.8CVSS7.1AI score0.03558EPSS
Exploits0References1
OSV
OSV
added 2025/04/25 2:4 p.m.10 views

OESA-2025-1446 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans There is a kernel API ntbmwcleartrans would pass 0 to both addr and size. This would make...

7.8CVSS6AI score0.13036EPSS
Exploits1References134
Amazon
Amazon
added 2025/03/25 12:0 a.m.7 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2reconnectserver CVE-2024-35870 In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount CVE-2024-49960 In the Linux kernel, the...

7.8CVSS6.1AI score0.00809EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.10 views

PT-2025-24857

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description Improper access control in the Windows SMB Client, specifically within the mrxsmb.sys driver, allows an authorized or unauthenticated remote attacker to elevate privileges. The issu...

9CVSS7.5AI score0.64987EPSS
Exploits6References276
OSV
OSV
added 2024/12/27 2:15 p.m.3 views

UBUNTU-CVE-2024-53179

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free of signing key Customers have reported use-after-free in @ses-authkey.response with SMB2.1 + sign mounts which occurs due to following race: task A task B cifsmount dfsmountshare getsession...

7.8CVSS6.5AI score0.00245EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.55 views

RHEL 5 : samba (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - samba: symlink race permits opening files outside share directory CVE-2017-2619 - samba: Netlogon elevati...

7.4AI score0.99512EPSS
Exploits78References10
OSV
OSV
added 2023/12/13 2:15 a.m.6 views

CVE-2023-47574

An issue was discovered on Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices. There is a Weak SMB configuration with signing disabled...

5.9CVSS5.8AI score0.00492EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 7:38 p.m.49 views

K53313971: Samba vulnerabilities CVE-2016-2110 and CVE-2016-2115

Security Advisory Description CVE-2016-2110 The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove...

5.9CVSS6.7AI score0.10232EPSS
Exploits0Affected Software21
F5 Networks
F5 Networks
added 2023/02/21 6:55 p.m.37 views

K73835689: Samba vulnerability CVE-2017-12150

Security Advisory Description It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text...

7.4CVSS6.6AI score0.13228EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/06/21 8:2 a.m.57 views

New NTLM Relay Attack Lets Attackers Take Control Over Windows Domain

A new kind of Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File System DFS: Namespace Management Protocol MS-DFSNM to seize control of a domain. "Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.24 views

Mageia: Security Advisory (MGASA-2018-0023)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.21408EPSS
Exploits0References15
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/15 6:5 p.m.25 views

Security Bulletin: SMB vulnerabilities in IBM N Series Products

Summary Data ONTAP products implement the SMB protocol. Systems that implement the SMB protocol can be susceptible to one or more man-in-the-middle attacks which when exploited could potentially lead to information disclosure, privilege escalation, or a Denial of Service. Vulnerability Details...

7.5CVSS2.1AI score0.01457EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/11/17 12:0 a.m.52 views

openSUSE 15 Security Update : samba (openSUSE-SU-2021:3674-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3674-1 advisory. - An attacker can downgrade a negotiated SMB1 client connection and its capabitilities. Kerberos authentication is only possible with the...

8.5CVSS6.8AI score0.01752EPSS
Exploits0References7
Kitploit
Kitploit
added 2021/10/28 11:30 a.m.37 views

DonPAPI - Dumping DPAPI Credz Remotely

Dumping revelant information on compromised targets without AV detection DPAPI dumping Lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials, and retreive them using : User password Domaine DPAPI BackupKey Local machine DPAPI Key protecting TaskScheduled blob...

7.1AI score
Exploits0References7
Rows per page
Query Builder