Lucene search
K

1851 matches found

CNNVD
CNNVD
added 2023/07/17 12:0 a.m.3 views

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An input validation error vulnerability exists in versions of Linux kernel prior to 6.3.9, which stems from ksmbd not validating the SMB request protocol ID, and can be exploit...

9.1CVSS8.6AI score0.01059EPSS
Exploits0References7
OSV
OSV
added 2023/07/13 11:15 a.m.5 views

CVE-2023-24480

Controller DoS due to stack overflow when decoding a message from the server. See Honeywell Security Notification for recommendations on upgrading and versioning...

7.5CVSS5.8AI score0.006EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/13 12:0 a.m.8 views

Honeywell Products 缓冲区错误漏洞

Honeywell Products is a family of products from Honeywell USA. Honeywell Products suffers from a buffer error vulnerability that originates from a stack overflow when decoding a message from a server, resulting in a controller DoS...

9.8CVSS7.7AI score0.006EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/07/10 4:15 p.m.5 views

CVE-2023-32254

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2TREEDISCONNECT commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

9.8CVSS5.9AI score0.02937EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2023/07/10 4:15 p.m.3 views

CVE-2023-32250

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerabilit...

9CVSS5.9AI score0.02593EPSS
Exploits0References5
OSV
OSV
added 2023/07/10 4:15 p.m.3 views

DEBIAN-CVE-2023-32250

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerabilit...

8.1CVSS6.8AI score0.02593EPSS
Exploits0References1
OSV
OSV
added 2023/07/10 4:15 p.m.2 views

DEBIAN-CVE-2023-32254

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2TREEDISCONNECT commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

8.1CVSS6.8AI score0.02937EPSS
Exploits0References1
OSV
OSV
added 2023/06/19 10:15 a.m.5 views

CVE-2023-29532

A local attacker can trick the Mozilla Maintenance Service into applying an unsigned update file by pointing the service at an update file on a malicious SMB server. The update file can be replaced after the signature check, before the use, because the write-lock requested by the service does not...

5.5CVSS6.9AI score
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/06/19 12:0 a.m.6 views

The vulnerability of the Windows SMB Witness service allows a hacker to bypass access control procedures for RPC processes.

The vulnerability of the Windows SMB Witness service for Windows operating systems is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to bypass access checks for RPC procedures using a specially created script...

7.5CVSS7.4AI score0.01203EPSS
Exploits0References3
OSV
OSV
added 2023/06/14 12:15 a.m.4 views

CVE-2023-32021

Windows SMB Witness Service Security Feature Bypass Vulnerability...

7.1CVSS7.3AI score0.01203EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/06/13 12:0 a.m.3 views

PT-2023-3121 · Microsoft · Windows Smb Witness Service +1

Name of the Vulnerable Software and Affected Versions: Windows SMB Witness Service affected versions not specified Description: The issue is related to errors in security settings, allowing a remote attacker to bypass access checks to RPC procedures using a specially crafted script. This can affe...

7.5CVSS7.9AI score0.01203EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/06/05 12:30 p.m.5 views

curl: Use-after-free triggered by an HTTP proxy deny response

A vulnerability was found in curl. In this issue, curl can be asked to tunnel all protocols virtually it supports through an HTTP proxy. HTTP proxies can deny these tunnel operations using an appropriate HTTP error response code. When getting denied to tunnel the specific SMB or TELNET protocols,...

5.9CVSS7.1AI score0.02511EPSS
Exploits1References5
OSV
OSV
added 2023/05/29 4:34 p.m.4 views

CLSA-2023-1685378052 curl: Fix of 2 CVEs

CVE-2022-43552: smb/telnet: do not free the protocol struct in done - CVE-2022-35252: cookie: reject cookies with "control bytes"...

5.9CVSS6.8AI score0.02511EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2023/05/29 6:31 a.m.6 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2020-0...

10CVSS7.1AI score0.9981EPSS
Exploits125
BDU FSTEC
BDU FSTEC
added 2023/05/24 12:0 a.m.4 views

The vulnerability of the ksmbd module in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the ksmbd module in Linux operating systems is related to the improper release of resources. Exploiting this vulnerability allows a remote attacker to cause service failures using the SMB2SESSIONSETUP command...

5.3CVSS5.9AI score0.00453EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/24 12:0 a.m.5 views

The vulnerability of the ksmbd module in Linux operating systems allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the ksmbd module in Linux operating systems is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures using the SMB2QUERYINFO and SMB2LOGOFF command...

7.5CVSS7.1AI score0.00504EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/24 12:0 a.m.5 views

The vulnerability of the ksmbd module in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the ksmbd module in Linux operating systems is related to the improper release of resources. Exploiting this vulnerability allows a remote attacker to cause service failures using the SMB2SESSIONSETUP command...

7.8CVSS6.7AI score0.03872EPSS
Exploits0References13Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/05/24 12:0 a.m.4 views

The vulnerability of the ksmbd module in Linux operating systems allows a hacker to execute arbitrary code.

The vulnerability of the ksmbd module in Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using the SMB2QUERYINFO and SMB2LOGOFF commands...

8.1CVSS7.3AI score0.02393EPSS
Exploits0References13Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/05/24 12:0 a.m.6 views

The vulnerability of the ksmbd module in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the ksmbd module in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure using the SMB2LOGOFF command...

7.8CVSS6.7AI score0.0406EPSS
Exploits0References14Affected Software3
OSV
OSV
added 2023/05/22 12:0 a.m.2 views

UBUNTU-CVE-2023-32250

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerabilit...

9CVSS6.9AI score0.02593EPSS
Exploits0References13
Rows per page
Query Builder