Mobatek MobaXterm 安全漏洞

Mobatek MobaXterm is a terminal software developed by the French company Mobatek. It integrates an enhanced terminal, X servers, and Unix command sets GNU/Cygwin. Version 12.1 of Mobatek MobaXterm contains a security vulnerability. This vulnerability stems from a buffer overflow in the structured...

Linux Distros Unpatched Vulnerability : CVE-2025-37924

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix use-after-free in kerberos authentication Setting sess-user = NULL was introduced to fix the dangling pointer created by ksmbdfreeuser. However, it i...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed a dangling pointer in krbauthenticate. krbauthenticate frees sess-user and does not set the pointer to NULL. It calls ksmbdkrb5authenticate to reinitialise sess-user, but that function may return without doing so...

SUSE CVE-2025-37899

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess-user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. The handler for...

DEBIAN-CVE-2025-37924

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in kerberos authentication Setting sess-user = NULL was introduced to fix the dangling pointer created by ksmbdfreeuser. However, it is possible another thread could be operating on the session and make...

CVE-2025-37778

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix dangling pointer in krbauthenticate krbauthenticate frees sess-user and does not set the pointer to NULL. It calls ksmbdkrb5authenticate to reinitialise sess-user but that function may return without doing so. If that...

DEBIAN-CVE-2025-37778

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix dangling pointer in krbauthenticate krbauthenticate frees sess-user and does not set the pointer to NULL. It calls ksmbdkrb5authenticate to reinitialise sess-user but that function may return without doing so. If that...

UBUNTU-CVE-2025-37778

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix dangling pointer in krbauthenticate krbauthenticate frees sess-user and does not set the pointer to NULL. It calls ksmbdkrb5authenticate to reinitialise sess-user but that function may return without doing so. If that...

PT-2025-22186

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue in the Linux kernel's ksmbd component, related to Kerberos authentication, has been identified. The problem arises when another thread operates on a session and us...

PT-2025-18459

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A dangling pointer issue in the krb authenticate function has been identified. The krb authenticate function frees sess-user but does not set the pointer to NULL. It then calls ksmbd krb...

CVE-2023-44293

In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance between v5.10.00.00 and v5.18.00.00, a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of IP Range Rest API. This issue may potentially le...

PT-2023-3671 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.3.4 Description: The issue is related to the function session user in the fs/ksmbd/smb2pdu.c module of the Linux kernel's KSMBD file system. It involves an out-of-bounds read due to improper checking of the...

[SECURITY] Fedora 28 Update: PackageKit-1.1.10-1.fc28

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...

The vulnerability of the simpleupload.py script in the Tenable Appliance web interface allows a hacker to execute arbitrary commands.

The vulnerability of the simpleupload.py script in the Tenable Appliance web interface is related to the lack of data cleaning at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using the tnsappliancesessionuser parameter...

Tenable Appliance Arbitrary Command Execution Vulnerability

Tenable Appliance is a browser management program developed by Tenable Network Security. An arbitrary command execution vulnerability exists in Tenable Appliance versions 3.5 through 4.4.0. A remote attacker can inject arbitrary commands by manipulating the tnsappliancesessionuser parameter...

The vulnerability of the Moodle learning management system allows a hacker to replace a user during a session.

The vulnerability of the admin/registration/register.php function in the Moodle learning management system is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to replace a user during a session by sending a request that sends statistics to...

Samba Unicode Filename Buffer Overflow (CVE-2004-0882)

A vulnerability has been reported in the way Samba handles file information requests. A malformed request can trick the server into overflowing an incorrectly allocated buffer while generating a response. If certain conditions are met, an attacker can exploit this vulnerability to execute malicio...

PHPEMS多处存在水平权限问题

简要描述： PHPEMS多处存在水平权限问题 详细说明： 7.多处逻辑漏洞导致平行权限问题 Phems中多处存在平行权限问题，因为要杜绝这个问题必须每次数据库操作都要带上sessionuser但是phems的程序员却非常不配合，导致了多处存在平行权限的问题，我查阅了/app/exam/app.php这一页代码，给出具体出现的问题如下 1. 2108行附近 //删除一个错题记录// 平行权限漏洞 case 'delrecord': $recordid = $this-ev-get'questionid'; $this-favor-delRecord$recordid;...

TCExam <= 4.0.011 (SessionUserLang) Shell Injection Exploit

No description provided by source. ?php printr' -------------------------------------------------------------------------- TCExam = 4.0.011 $COOKIESessionUserLang shell injection exploit by rgod mail: retrog at alice dot it site: http://retrogod.altervista.org...