1851 matches found
The vulnerability in the implementation of the Microsoft Server Message Block 2.0 network protocol on Windows operating systems allows a perpetrator to disclose protected information.
The vulnerability of the Microsoft Server Message Block 2.0 SMBv2 network protocol in Windows operating systems is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information with the help of speciall...
CVE-2018-3274
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Solaris. Successful attacks require human...
CVE-2018-3269
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: SMB Server. The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Solaris. Successful attacks of this...
Cisco Firepower System Software Detection Engine Denial of Service Vulnerability
Cisco Firepower System Software is a next-generation firewall product NGFW from Cisco. A denial of service vulnerability exists in the implementation of the Server Message Block Version 2 SMBv2 and Version 3 SMBv3 protocols in Cisco Firepower System Software, which stems from the program failing ...
June 14, 2016 — KB3163017 (OS Build 10240.16942)
June 14, 2016 — KB3163017 OS Build 10240.16942 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Microsoft Edge, and Windows Explorer. Improved...
CVE-2018-0455
A vulnerability in the Server Message Block Version 2 SMBv2 and Version 3 SMBv3 protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the device to run low on system memory, possibly preventing the device from forwarding traffic. ...
CVE-2018-16364
A serialization vulnerability in Zoho ManageEngine Applications Manager before build 13740 allows for remote code execution on Windows via a payload on an SMB share...
The vulnerability in the implementation of the SMB network protocol of the Windows operating system allows a perpetrator to trigger a service failure.
The vulnerability of the Microsoft Server Message Block SMB network protocol in the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by sending specially crafted SMB requests to the...
CVE-2018-8444
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 SMBv2 server handles certain requests, aka "Windows SMB Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2...
CVE-2018-8335
A denial of service vulnerability exists in the Microsoft Server Block Message SMB when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016,...
Tor Browser Deanonymization With SMB Information Disclosure Vulnerability
Tor Browser is a web browser. An information disclosure vulnerability exists in Tor Browser Deanonymization With SMB, which allows remote attackers to bypass expected anonymization features and discover client IP addresses...
CVE-2018-8444
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 2.0 SMBv2 server handles certain requests, aka "Windows SMB Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012 R2...
Microsoft Windows SMB Server Information Disclosure Vulnerability
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. SMBv2 server is one of the communication protocol servers. An information disclosure vulnerability exists in the way the SMBv2 server in Microsoft Windows handles requests. A remote...
Microsoft Windows SMB Server Denial of Service Vulnerability
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Server Block Message SMB is one of the communication protocol components. A denial of service vulnerability exists in Microsoft SMB. A remote attacker could exploit this vulnerability b...
RHEL 7 : samba (RHSA-2018:2613)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2613 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...
May 16, 2017—KB4019217 (Preview of Monthly Rollup)
May 16, 2017—KB4019217 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of Monthly Rollup KB4019215 released May 9, 2017 and also includes these new quality improvements as a preview of the next Monthly Rollup update:...
CVE-2018-13415
In Plex Media Server 1.13.2.5154, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing XXE attack. Remote, unauthenticated attackers can use this vulnerability to: 1 Access arbitrary files from the filesystem with the same permission as the user...
Plex Media Server's SSDP XML External Entity Injection Vulnerability
Plex Media Server is a multimedia entertainment player that supports multiple platforms. Plex Media Server's SSDP is vulnerable to an XML External Entity Injection vulnerability, which can be exploited by an unauthenticated attacker on the same LAN to access arbitrary files from the filesystem wi...
CVE-2018-11338
Intuit Lacerte 2017 for Windows in a client/server environment transfers the entire customer list in cleartext over SMB, which allows attackers to 1 obtain sensitive information by sniffing the network or 2 conduct man-in-the-middle MITM attacks via unspecified vectors. The customer list contains...
Thompson Reuters UltraTax CS 2017 for Windows Information Disclosure Vulnerability (CNVD-2019-19056)
Thompson Reuters UltraTax CS 2017 for Windows is a Windows-based automated tax management software from Thompson Reuters, USA. The software is primarily used to automate the management of business or personal tax workflows. An information disclosure vulnerability exists in Thompson Reuters UltraT...