Lucene search
K

1784 matches found

Gitee
Gitee
added 2025/09/14 3:58 p.m.255 views

AutoBlue-MS17-010

This is a semi-automated, fully working, no-bs, non-metasploit version of the public exploit code for MS17-010. The exploit is designed to target Windows systems vulnerable to the EternalBlue vulnerability, which is a remote code execution RCE vulnerability in the SMBv1 protocol. The exploit code...

8.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/09/11 5:29 p.m.3 views

CVE-2025-55234

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against...

9.8CVSS7.2AI score0.18834EPSS
Exploits1References1
The Hacker News
The Hacker News
added 2025/09/10 11:14 a.m.15 views

Microsoft Fixes 80 Flaws — Including SMB PrivEsc and Azure CVSS 10.0 Bugs

Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed as publicly known at the time of release. Of the 80 vulnerabilities, eight are rated Critical and 72 are rated Important in severity. None of the shortcomings has been...

10CVSS8.4AI score0.32908EPSS
Exploits7
Talos Blog
Talos Blog
added 2025/09/09 7:12 p.m.7 views

Microsoft Patch Tuesday for September 2025 – Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for September 2025, which includes 86 vulnerabilities affecting a range of products. In this month's release, Microsoft observed none of the included vulnerabilities being exploited in the wild. However, there are eight vulnerabilities where...

8.8CVSS8.7AI score0.18706EPSS
Exploits3
NCSC
NCSC
added 2025/09/09 6:22 p.m.7 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Circumvention of a security measure - Execution of arbitrary code root/admin privileges - Execution...

9.8CVSS7.6AI score0.18834EPSS
Exploits5
NVD
NVD
added 2025/09/09 5:15 p.m.2 views

CVE-2025-54101

Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network...

4.8CVSS0.02351EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/09 5:1 p.m.16 views

CVE-2025-55234 Windows SMB Elevation of Privilege Vulnerability

...

8.8CVSS0.18834EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/09/09 5:1 p.m.1 views

CVE-2025-55234 Windows SMB Elevation of Privilege Vulnerability

...

8.8CVSS6.5AI score0.18834EPSS
Exploits1References1
CVE
CVE
added 2025/09/09 5:1 p.m.66 views

CVE-2025-55234

CVE-2025-55234 (Windows SMB Relay Elevation of Privilege) : The vulnerability relates to SMB Server relay attacks that can escalate privileges when signing and EPA protections are not enabled. Public docs indicate SMB Server signing and Extended Protection for Authentication (EPA) exist as harden...

9.8CVSS6.7AI score0.18834EPSS
Exploits1References3Affected Software15
CVE
CVE
added 2025/09/09 5:0 p.m.58 views

CVE-2025-54101

CVE-2025-54101: Use-after-free in Windows SMBv3 Client can lead to remote code execution by an authorized attacker over the network. The Connected documents confirm this SMBv3 Client issue and tie remediation to the September 2025 Windows updates that address SMB-related vulnerabilities (e.g., SM...

4.8CVSS7AI score0.02351EPSS
Exploits0References3Affected Software12
Vulnrichment
Vulnrichment
added 2025/09/09 5:0 p.m.1 views

CVE-2025-54101 Windows SMB Client Remote Code Execution Vulnerability

...

4.8CVSS6.5AI score0.02351EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 1:15 p.m.7 views

CVE-2025-9065

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash...

8.8CVSS0.00431EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/09 12:51 p.m.5 views

CVE-2025-9065 Rockwell Automation ThinManager® Server-Side Request Forgery Vulnerability

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash...

8.6CVSS6.2AI score0.00431EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/09/09 7:0 a.m.5 views

Windows SMB Client Remote Code Execution Vulnerability

Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network...

4.8CVSS7.5AI score0.02351EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/09 12:0 a.m.2 views

KB5065509: Windows Server 2012 Security Update (September 2025)

The remote Windows host is missing security update 5065509. It is, therefore, affected by multiple vulnerabilities - SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make t...

9.8CVSS8.8AI score0.18834EPSS
Exploits4References35
Tenable Nessus
Tenable Nessus
added 2025/09/09 12:0 a.m.3 views

KB5065429: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (September 2025)

The remote Windows host is missing security update 5065429. It is, therefore, affected by multiple vulnerabilities - SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make t...

9.8CVSS8.9AI score0.18834EPSS
Exploits4References46
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.2 views

PT-2025-36891

Name of the Vulnerable Software and Affected Versions Windows Server Message Block SMB versions prior to September 2025 Patch Tuesday Description The SMB Server may be susceptible to relay attacks depending on the configuration. Successful exploitation of this issue could allow an attacker to...

9.8CVSS7AI score0.18834EPSS
Exploits1References65
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.2 views

PT-2025-36843

Name of the Vulnerable Software and Affected Versions: Windows SMBv3 Client affected versions not specified Description: A use-after-free issue exists in the Windows SMBv3 Client. This allows an authorized attacker to execute code over a network. The vulnerability enables remote attackers to...

4.8CVSS7.1AI score0.02351EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.4 views

Microsoft SMBv3 资源管理错误漏洞

Microsoft SMBv3 is a support firmware from Microsoft Corporation USA that provides SMB functionality for devices. A resource management error vulnerability exists in Microsoft SMBv3. An attacker exploiting this vulnerability could remotely execute code. The following products and versions are...

4.8CVSS6.5AI score0.02351EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/09 12:0 a.m.2 views

KB5065430: Windows 10 LTS 1507 Security Update (September 2025)

The remote Windows host is missing security update 5065430. It is, therefore, affected by multiple vulnerabilities - SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make t...

9.8CVSS9.2AI score0.18834EPSS
Exploits4References31
Rows per page
Query Builder