DEBIAN-CVE-2023-53230

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning in cifssmb3domount This fixes the following warning reported by kernel test robot fs/smb/client/cifsfs.c:982 cifssmb3domount warn: possible memory leak of 'cifssb'...

CVE-2023-53230

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning in cifssmb3domount This fixes the following warning reported by kernel test robot fs/smb/client/cifsfs.c:982 cifssmb3domount warn: possible memory leak of 'cifssb'...

CVE-2023-53230 smb: client: fix warning in cifs_smb3_do_mount()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning in cifssmb3domount This fixes the following warning reported by kernel test robot fs/smb/client/cifsfs.c:982 cifssmb3domount warn: possible memory leak of 'cifssb'...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async CVE-2024-58240 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel CVE-2025-37750 ...

tactical-exploitation

This is a tactical exploitation toolkit repository. It contains a Python script called "easywin.py" that provides a toolkit for exploit-less attacks aimed at Windows and Active Directory environments. The script leverages information gathering and brute force capabilities against the SMB protocol...

AutoBlue-MS17-010

This is a semi-automated, fully working, no-bs, non-metasploit version of the public exploit code for MS17-010. The exploit is designed to target Windows systems vulnerable to the EternalBlue vulnerability, which is a remote code execution RCE vulnerability in the SMBv1 protocol. The exploit code...

CVE-2025-55234

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks. The SMB Server already supports mechanisms for hardening against...

Microsoft Fixes 80 Flaws — Including SMB PrivEsc and Azure CVSS 10.0 Bugs

Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed as publicly known at the time of release. Of the 80 vulnerabilities, eight are rated Critical and 72 are rated Important in severity. None of the shortcomings has been...

Microsoft Patch Tuesday for September 2025 – Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for September 2025, which includes 86 vulnerabilities affecting a range of products. In this month's release, Microsoft observed none of the included vulnerabilities being exploited in the wild. However, there are eight vulnerabilities where...

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS - Circumvention of a security measure - Execution of arbitrary code root/admin privileges - Execution...

CVE-2025-54101

Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network...

CVE-2025-55234

CVE-2025-55234 (Windows SMB Relay Elevation of Privilege) : The vulnerability relates to SMB Server relay attacks that can escalate privileges when signing and EPA protections are not enabled. Public docs indicate SMB Server signing and Extended Protection for Authentication (EPA) exist as harden...

CVE-2025-55234 Windows SMB Elevation of Privilege Vulnerability

...

CVE-2025-55234 Windows SMB Elevation of Privilege Vulnerability

...

CVE-2025-54101

CVE-2025-54101: Use-after-free in Windows SMBv3 Client can lead to remote code execution by an authorized attacker over the network. The Connected documents confirm this SMBv3 Client issue and tie remediation to the September 2025 Windows updates that address SMB-related vulnerabilities (e.g., SM...

CVE-2025-54101 Windows SMB Client Remote Code Execution Vulnerability

...

CVE-2025-9065

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash...

CVE-2025-9065 Rockwell Automation ThinManager® Server-Side Request Forgery Vulnerability

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash...

Windows SMB Client Remote Code Execution Vulnerability

Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network...

PT-2025-36891

Name of the Vulnerable Software and Affected Versions Windows Server Message Block SMB versions prior to September 2025 Patch Tuesday Description The SMB Server may be susceptible to relay attacks depending on the configuration. Successful exploitation of this issue could allow an attacker to...