Lucene search
K

1785 matches found

Debian CVE
Debian CVE
added 2025/08/16 11:12 a.m.4 views

CVE-2025-38523

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

5.5CVSS5.7AI score0.00143EPSS
Exploits0
OSV
OSV
added 2025/08/16 11:12 a.m.3 views

CVE-2025-38523 cifs: Fix the smbd_response slab to allow usercopy

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbdresponse slab to allow usercopy The handling of received data in the smbdirect client code involves using copytoiter to copy data from the smbdreponse struct's packet trailer to a folioq buffer provided by...

5.5CVSS6.4AI score0.00143EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/08/16 12:0 a.m.4 views

PT-2025-33601 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The Linux kernel contains a flaw in the ksmbd module related to command request size validation. Specifically, the request size of commands, except for SMB2 OPLOCK BREAK HE, was not...

6AI score0.00135EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-45100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This...

7.5CVSS7AI score0.00905EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-38427

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in...

9.8CVSS6.8AI score0.01129EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.9 views

Oracle Linux 10 : kernel (ELSA-2025-13598)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-13598 advisory. - wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds - CVE-2025-38159 - Revert 'smb: client: fix TCP timers deadlock after rmmod'...

7.8CVSS7.3AI score0.00225EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/08/14 6:24 p.m.2 views

CVE-2025-50169

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB allows an unauthorized attacker to execute code over a network...

7.5CVSS7.7AI score0.00601EPSS
Exploits0References1
Metasploit
Metasploit
added 2025/08/13 6:54 p.m.423 views

SMB Fetch

Fetch and execute an x64 payload from an SMB server. Module Options msf use payload/cmd/windows/smb/x64/downloadexec msf payloaddownloadexec show actions ...actions... msf payloaddownloadexec set ACTION msf payloaddownloadexec show options ...show and set options... msf payloaddownloadexec run Th...

5.9AI score
Exploits0
Ubuntu
Ubuntu
added 2025/08/13 7:36 a.m.11 views

USN-7685-5: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; - SMB network file syste...

9.8CVSS7AI score0.01483EPSS
Exploits0
GithubExploit
GithubExploit
added 2025/08/13 5:40 a.m.702 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

NTLM/SMB Hardening & Threat Hunt Toolkit Author: w01f...

7.5CVSS10AI score0.58974EPSS
Exploits21
NVD
NVD
added 2025/08/12 6:15 p.m.3 views

CVE-2025-50169

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB allows an unauthorized attacker to execute code over a network...

7.5CVSS0.00601EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/12 5:10 p.m.1 views

CVE-2025-50169 Windows SMB Remote Code Execution Vulnerability

...

7.5CVSS7.2AI score0.00601EPSS
Exploits0References1
CVE
CVE
added 2025/08/12 5:10 p.m.34 views

CVE-2025-50169

CVE-2025-50169 is a Windows SMB remote code execution vulnerability driven by a race condition in the SMB server where concurrent access to a shared resource is improperly synchronized. Publicly disclosed details in the provided documents confirm: the flaw exists in Windows SMB and enables code e...

7.5CVSS7.6AI score0.00601EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2025/08/12 5:10 p.m.6 views

CVE-2025-50169 Windows SMB Remote Code Execution Vulnerability

...

7.5CVSS0.00601EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/08/12 7:0 a.m.4 views

Windows SMB Remote Code Execution Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB allows an unauthorized attacker to execute code over a network...

7.5CVSS7.7AI score0.00601EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-22077

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert smb: client: fix TCP timers deadlock after rmmod This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e9f2517a3e18 smb: client: fix TCP...

5.5CVSS6.3AI score0.00122EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.3 views

PT-2025-32792 · Microsoft · Windows Smb +1

Name of the Vulnerable Software and Affected Versions: Windows SMB affected versions not specified Description: Concurrent execution using a shared resource with improper synchronization a 'race condition' in Windows SMB allows an unauthorized attacker to execute code over a network...

7.5CVSS7.4AI score0.00601EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-29532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB...

5.5CVSS7.2AI score0.00185EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-21844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: Add check for nextbuffer in receiveencryptedstandard Add check for the return value of cifsbufget and cifssmallbufget in receiveencryptedstandard t...

5.5CVSS6.8AI score0.0021EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.11 views

PT-2025-34059

Name of the Vulnerable Software and Affected Versions: SMB affected versions not specified Description: A vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and th...

1.4CVSS5.8AI score0.0018EPSS
Exploits0References9
Rows per page
Query Builder