Lucene search
K

1785 matches found

OSV
OSV
added 2025/04/02 2:24 p.m.2 views

USN-7406-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-meta-raspi, linux-nvidia-tegra, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Network namespace; - Networking core; CVE-2024-26928, CVE-2024-56658,...

7.8CVSS6.7AI score0.00276EPSS
Exploits0References5
Amazon
Amazon
added 2025/04/01 12:0 a.m.2 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero CVE-2024-26982 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2reconnectserver CVE-2024-35870 In th...

7.8CVSS7AI score0.08906EPSS
Exploits1
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.4 views

Apple macOS 竞争条件问题漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that originates from mounting a specially crafted SMB network share could result in system termination...

9.8CVSS6.2AI score0.00683EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.5 views

The vulnerability of the smb component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the smb component in the Linux operating system’s kernel is related to improper error handling in the smb3reconfigure function in fs/smb/client/fscontext.c. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00214EPSS
Exploits0References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/03/26 12:0 a.m.3 views

The vulnerability of the File Sharing function on the administrator web panel of microprogramming router software GL.iNet GL-MT3000 allows a hacker to read arbitrary files.

The vulnerability of the File Sharing function on the administrator web panel of the GL.iNet GL-MT3000 router software relates to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability could allow an attacker, operating remotely, to read arbitrary files...

7.8CVSS5.6AI score0.00473EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/03/20 11:46 a.m.9 views

CLSA-2025-1742471200 kernel: Fix of 19 CVEs

net: defer final 'struct net' free in netns dismantle CVE-2024-56658 - smb: client: fix potential deadlock when releasing mids CVE-2023-52757 - tcp/dccp: Don't use timerpending in reqskqueueunlink. CVE-2024-50154 - ALSA: 6fire: Release resources at card release CVE-2024-53239 - smb: client: fix...

7.8CVSS7.3AI score0.00809EPSS
Exploits0References1
SUSE Linux
SUSE Linux
added 2025/03/13 3:46 p.m.1 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-26708: mptcp: fix inconsistent state on fastopen race bsc1222672. CVE-2024-40980: dropmonitor: replace spinlock by rawspinlock bsc1227937. CVE-2024-44974:...

8.6CVSS8.2AI score0.00571EPSS
Exploits1References398
Microsoft CVE
Microsoft CVE
added 2025/03/13 7:0 a.m.2 views

smb: client: fix use-after-free of signing key

...

7.8CVSS7.9AI score0.00245EPSS
Exploits0
OSV
OSV
added 2025/03/12 10:15 a.m.1 views

DEBIAN-CVE-2025-21844

In the Linux kernel, the following vulnerability has been resolved: smb: client: Add check for nextbuffer in receiveencryptedstandard Add check for the return value of cifsbufget and cifssmallbufget in receiveencryptedstandard to prevent null pointer dereference...

5.5CVSS5.6AI score0.0021EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/07 12:0 a.m.7 views

Sage 200 Spain 安全漏洞

Sage 200 Spain is a business management software from Sage. A security vulnerability exists in Sage 200 Spain versions prior to 2025.35.000, which stems from an SMB mandatory authentication vulnerability that could lead to an administrator-privileged user obtaining an NTLMv2-SSP hash by changing...

7.1CVSS6.8AI score0.00335EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/02/28 2:21 a.m.2 views

SUSE CVE-2025-21725

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed It isn't guaranteed that NETWORKINTERFACEINFO::LinkSpeed will always be set by the server, so the client must handle any values and then prevent oopses like below from happening: Oops...

5.5CVSS7.6AI score0.00167EPSS
Exploits0References13
OSV
OSV
added 2025/02/26 7:1 a.m.2 views

UBUNTU-CVE-2022-49366

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in smbcheckpermdacl. When "id" and "uid" have the same value, the function simply jumps out of the loop without decrementing the reference...

5.5CVSS5.7AI score0.0024EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2025/02/17 12:0 a.m.5 views

The vulnerability in the implementation of the SMB protocol in the Mac OS allows a perpetrator to increase their privileges and execute arbitrary code.

The vulnerability of the SMB protocol implementation in the Mac OS is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to enhance their privileges and execute arbitrary code...

6.8CVSS5.8AI score0.00244EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed OOB issues when building SMB2IOCTL requests. When encryption is used, whether enforced by the server or when using the “seal” mount option, the client will squash all compound request buffers into a single iov ...

7.8CVSS6.9AI score0.00281EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/02/07 12:0 a.m.7 views

The vulnerability in the implementation of the SMB protocol on macOS operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the SMB protocol implementation in macOS lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

10CVSS5.9AI score0.00228EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/02/04 12:17 p.m.5 views

CLSA-2025-1738671431 kernel: Fix of 43 CVEs

smb: client: fix use-after-free of signing key CVE-2024-53179 - smb: client: stop flooding dmesg in smb2calcsignature CVE-2024-53179 - smb3: fix oops in calculating shashsetkey CVE-2024-53179 - cifs: return correct error in -calcsignature CVE-2024-53179 - cifs: secmech: use shashdesc directly,...

7.8CVSS7AI score0.01325EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/02/03 12:0 a.m.4 views

Xerox Versalink 安全漏洞

Xerox VersaLink is a line of commercial printers from Xerox Corporation USA. A security vulnerability exists in Xerox Versalink that originates from access via the address book and can modify SMB/FTP settings, redirect scans and potentially capture credentials...

7.6CVSS7.9AI score0.00573EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/01/29 8:0 a.m.3 views

smb: Initialize cfid->tcon before performing network ops

...

4.7CVSS6.6AI score0.00195EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/01/29 8:0 a.m.6 views

ksmbd: fix use-after-free in SMB request handling

...

7.8CVSS7.9AI score0.00174EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/01/29 8:0 a.m.4 views

smb: client: fix possible double free in smb2_set_ea()

...

5.5CVSS6.9AI score0.00215EPSS
Exploits0
Rows per page
Query Builder