SUSE CVE-2018-16451

The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:printtrans for \MAILSLOT\BROWSE and \PIPE\LANMAN...

SUSE CVE-2018-20106

In yast2-printer up to and including version 4.0.2 the SMB printer settings don't escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast...

SUSE CVE-2019-10220

Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists...

SUSE CVE-2019-15918

An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21...

SUSE CVE-2019-15920

An issue was discovered in the Linux kernel before 5.0.10. SMB2read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak...

SUSE CVE-2022-22995

The combination of primitives offered by SMB and AFP in their default configuration allows the arbitrary writing of files. By exploiting these combination of primitives, an attacker can execute arbitrary code...

CVE-2022-43552

A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...

AZL-13284 CVE-2022-43552 affecting package curl for versions less than 7.86.0-3

A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...

ALPINE-CVE-2022-43552

A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...

DEBIAN-CVE-2022-43552

A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...

The vulnerability of the Server Message Block Version 2 (SMB2) protocol implementation in the Snort intrusion detection system of Cisco Firepower Threat Defense (FTD), the Cisco Meraki MX network device management software, the Cisco Cyber Vision industrial network security control solution, and the Cisco Umbrella cloud security service allows a perpetrator to bypass security restrictions and cause service interruptions.

The vulnerability of the Server Message Block Version 2 SMB2 implementation in the Snort intrusion detection system of the Cisco Firepower Threat Defense FTD microprogramming network interface devices, the Cisco Meraki MX network devices, the Cisco Cyber Vision industrial network security control...

VulnCheck KEV: CVE-2022-24500

Windows SMB Remote Code Execution Vulnerability...

The vulnerability of the Windows SMB Witness service in Microsoft Windows operating systems allows a perpetrator to increase their privileges.

The vulnerability of the Windows SMB Witness service in Microsoft Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

CVE-2023-21549

Windows SMB Witness Service Elevation of Privilege Vulnerability...

CVE-2023-21549

Windows SMB Witness Service Elevation of Privilege Vulnerability...

Microsoft Windows SMB Server 安全漏洞

Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. A security vulnerability exists in Microsoft Windows SMB Server. An attacker could exploit...

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT.

...

The vulnerability of the SMB subsystem in Linux operating systems allows a hacker to execute arbitrary code.

The vulnerability of the SMB subsystem in Linux operating systems is related to the operation of operations beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during the processing of SMB2QUERYINFOHE requests...

The vulnerability of the SMB subsystem in Linux operating systems allows a hacker to remotely cause a service failure.

The vulnerability of the SMB subsystem fs/ksmbd/smb2pdu.c in the Linux operating system is related to the lack of memory release after usage. Exploiting this vulnerability can allow a remote attacker to cause service failures during the processing of SMB2NEGOTIATE...

The vulnerability of the SMB subsystem in Linux operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the SMB subsystem fs/ksmbd/smb2misc.c in the Linux operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure during the processing of SMB2TREECONNECT...