The vulnerability of the SMBv2 component of the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the SMBv2 component in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code by sending a specially crafted package to the SMBv2 server...

The vulnerability of LibreOffice and Apache OpenOffice office programs, related to the automatic initiation of SMB connections, allows attackers to gain access to protected information.

The vulnerability of LibreOffice and Apache OpenOffice office programs relates to the automatic initiation of SMB connections. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected information using a specially crafted file...

Microsoft Windows Multiple Vulnerabilities (KB4487026)

This host is missing a critical security update according to Microsoft KB4487026 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Microsoft Windows Multiple Vulnerabilities (KB4487018)

This host is missing a critical security update according to Microsoft KB4487018 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

The vulnerability of the Solaris operating system’s kernel, which allows a hacker to trigger a service failure

The vulnerability of the Solaris operating system’s kernel is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failures using the SMB protocol...

USN-3883-1 libreoffice vulnerabilities

It was discovered that LibreOffice incorrectly handled certain document files. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. CVE-2018-10119, CVE-2018-10120, CVE-2018-11790 It was discovere...

CVE-2018-5498

Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service DoS in NFS and SMB environments. Exploitation of this vulnerability will allow a remote authenticated attacker to cause a Denial of Service DoS...

The vulnerability of the Samba networking communication software package lies in the absence of SMB traffic signatures, which allows attackers to execute a “man-in-the-middle” attack.

The vulnerability of the Samba networking communication package is related to the absence of SMB traffic signatures. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” attack and obtain protected information in text form...

The vulnerability of the implementation of SMBv2 and SMBv3 protocols in Cisco Firepower System software allows a perpetrator to induce a service failure.

The vulnerability of the SMBv2 and SMBv3 protocols implemented by Cisco Firepower System arises from incorrect validation of the SMB message header. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of the SVG vector graphics rendering library, librsvg, related to a data input validation error, allows attackers to trigger a service failure.

The vulnerability of the SVG vector graphics rendering library is related to an error in data input validation. This error may allow a hacker to intercept the Windows user’s password and NTLM credentials via the SMB protocol. Exploiting this vulnerability could enable a remote attacker to gain...

Samba Denial of Service Vulnerability (CNVD-2019-08294)

Samba is a freeware implementation of the SMB protocol on Linux and UNIX systems, consisting of a server and a client program. Samba suffers from a denial of service vulnerability that can be exploited by an attacker to cause a denial of service null pointer backreference...

libreoffice: Information disclosure via SMB connection embedded in malicious file

An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt...

The vulnerability in the implementation of the Microsoft Server Message Block 2.0 network protocol on Windows operating systems allows a perpetrator to disclose protected information.

The vulnerability of the Microsoft Server Message Block 2.0 SMBv2 network protocol in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information with the help of speciall...

CVE-2018-3274

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Solaris. Successful attacks require human...

CVE-2018-3269

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: SMB Server. The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Solaris. Successful attacks of this...

Cisco Firepower System Software Detection Engine Denial of Service Vulnerability

Cisco Firepower System Software is a next-generation firewall product NGFW from Cisco. A denial of service vulnerability exists in the implementation of the Server Message Block Version 2 SMBv2 and Version 3 SMBv3 protocols in Cisco Firepower System Software, which stems from the program failing ...

June 14, 2016 — KB3163017 (OS Build 10240.16942)

June 14, 2016 — KB3163017 OS Build 10240.16942 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Microsoft Edge, and Windows Explorer. Improved...

CVE-2018-0455

A vulnerability in the Server Message Block Version 2 SMBv2 and Version 3 SMBv3 protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the device to run low on system memory, possibly preventing the device from forwarding traffic. ...

CVE-2018-16364

A serialization vulnerability in Zoho ManageEngine Applications Manager before build 13740 allows for remote code execution on Windows via a payload on an SMB share...

The vulnerability in the implementation of the SMB network protocol of the Windows operating system allows a perpetrator to trigger a service failure.

The vulnerability of the Microsoft Server Message Block SMB network protocol in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted SMB requests to the...