52 matches found
GHSA-WQP7-X3PW-XC5R Starlette: SSRF and NTLM credential theft via UNC paths in StaticFiles on Windows
Summary When serving static files on Windows, StaticFiles resolves the requested path with os.path.realpath. If a UNC path such as \attacker.com\share reaches the resolver, realpath causes the process to open a connection to the remote host over SMB port 445. This is a server-side request forgery...
CVE-2026-7461
Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the underlying host via a...
CVE-2026-7461
Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the underlying host via a...
Amazon ECS Container Agent 操作系统命令注入漏洞
Amazon ECS Container Agent is an open-source elastic container service agent software developed by Amazon Web Services. Versions of Amazon ECS Container Agent prior to 1.103.0 contained an operating system command injection vulnerability. This vulnerability stems from improper handling of OS...
CVE-2026-24283
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally...
EUVD-2026-10603
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally...
EUVD-2026-10602
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally...
CVE-2026-24283
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally...
CVE-2026-24283
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally...
CVE-2026-24283
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally...
Multiple UNC Provider Kernel Driver Elevation of Privilege Vulnerability
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally...
Microsoft Windows File Server 安全漏洞
Microsoft Windows File Server is a server role offered by the American company Microsoft. There are security vulnerabilities present in Microsoft Windows File Server. Attackers can exploit these vulnerabilities to gain higher privileges. The following products and versions are affected: Windows 1...
PT-2026-24279
Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally...
Microsoft Windows SMB Server Elevation of Privilege Vulnerability (CNVD-2026-10678)
Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. An elevation of privilege vulnerability exists in Microsoft Windows SMB Server due to...
EUVD-2020-12391
Malware in sbrugna...
EUVD-2020-12392
Malware in sbrugna...
EUVD-2024-23492
Malicious code in bioql PyPI...
EUVD-2022-31360
Malicious code in bioql PyPI...
EUVD-2022-31377
Malicious code in bioql PyPI...
EUVD-2025-14426
Malicious code in bioql PyPI...