CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Debian CVE•added 2025/12/30 12:15 p.m.•4 views

CVE-2023-54260

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly return, then the connection info will be leaked. Let's set the smb...

5.3AI score0.00173EPSS

CVE•added 2025/12/30 12:9 p.m.•8 views

CVE-2023-54203

The CVE-2023-54203 entry concerns the Linux kernel ksmbd subsystem fix for a slab-out-of-bounds in init_smb2_rsp_hdr triggered while handling SMB1 negotiate as SMB2 server operations. The described issue involves slab-out-of-bounds read (size 16) during SMB1 SMB2 response header processing, with ...

6.2AI score0.00168EPSS

GithubExploit•added 2025/12/30 12:1 a.m.•160 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

Microsoft Windows SMBGhost Vulnerability Checker - CVE-2020-07...

10CVSS9AI score0.9981EPSS

Exploits124

Positive Technologies•added 2025/12/30 12:0 a.m.•1 views

PT-2025-54087

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the CIFS implementation, specifically in the cifs oplock break function. A race condition can occur with deferred close operations and lease break...

5.9AI score0.00168EPSS

CNNVD•added 2025/12/30 12:0 a.m.•3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from insufficient validation of SMB request boundaries, which could lead to out-of-bounds access...

5.8AI score0.00168EPSS

CNNVD•added 2025/12/30 12:0 a.m.•2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from out-of-bounds access to the ksmbd initsmb2rsphdr function...

5.8AI score0.00168EPSS

Tenable Nessus•added 2025/12/30 12:0 a.m.•4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992211)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992211 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix warning and UAF when destroy the MR list If the MR allocate failed, the MR recovery wor...

7.8CVSS5.8AI score0.0014EPSS

Tenable Nessus•added 2025/12/30 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2023-54260

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL, then smbddestroy will directly...

6.1AI score0.00173EPSS

Exploits0References3

RedhatCVE•added 2025/12/25 1:23 p.m.•3 views

CVE-2023-53990

In the Linux kernel, the following vulnerability has been resolved: SMB3: Add missing locks to protect deferred close file list cifsdeldeferredclose function has a critical section which modifies the deferred close file list. We must acquire deferredlock before calling cifsdeldeferredclose functi...

5.5CVSS5.9AI score0.00168EPSS

SUSE CVE•added 2025/12/25 12:56 a.m.•3 views

SUSE CVE-2023-54076

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifssmbsesincrefcount helper to get an active reference of @ses and @ses-dfsrootses if set. This will prevent @ses-dfsrootses of being put in the next call to cifsputsmbses and thus...

7.8CVSS6.5AI score0.00155EPSS

Exploits0References22

OSV•added 2025/12/24 12:23 p.m.•2 views

CVE-2023-54076 smb: client: fix missed ses refcounting

6.4AI score0.00155EPSS

NVD•added 2025/12/24 11:15 a.m.•5 views

CVE-2023-53990

0.00168EPSS

UbuntuCve•added 2025/12/24 11:15 a.m.•2 views

CVE-2023-53990

5.7AI score0.00168EPSS

Exploits0References6

Cvelist•added 2025/12/24 10:55 a.m.•22 views

CVE-2023-53990 SMB3: Add missing locks to protect deferred close file list

0.00168EPSS

CVE•added 2025/12/24 10:55 a.m.•7 views

CVE-2023-53990

CVE-2023-53990 pertains to the Linux kernel SMB3/cifs path. The issue arises from missing synchronization when modifying the deferred close file list inside cifs_del_deferred_close, creating a potential data race. The root cause is a missing acquire of the deferred_lock around the critical sectio...

6.1AI score0.00168EPSS

OSV•added 2025/12/19 4:46 p.m.•2 views

SUSE-SU-2026:20015-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...

7.8CVSS6.9AI score0.00236EPSS

Exploits1References220

Hacker One•added 2025/12/18 11:38 a.m.•14 views

curl: Heap Buffer Over-Read via Malicious SMB Server READ_ANDX Response

================================================================================ DESCRIPTION: ================================================================================ Summary: I discovered a heap buffer over-read vulnerability in libcurl's SMB protocol implementation. A malicious SMB serv...

6.9AI score

Hacker One•added 2025/12/18 11:13 a.m.•10 views

curl: Heap Buffer Over-Read via Malicious SMB Server READ_ANDX Response

6.9AI score