20 matches found
CVE-2026-40410
Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...
Five New Exploited Bugs Land in CISA's Catalog — Oracle and Microsoft Among Targets
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added five security flaws to its Known Exploited Vulnerabilities KEV Catalog, officially confirming a recently disclosed vulnerability impacting Oracle E-Business Suite EBS has been weaponized in real-world attacks. The...
CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2022-48503link is external Apple Multiple Products Unspecified Vulnerability CVE-2025-2746link is external Kentico Xperience Staging Sync Server Digest Passwor...
CVE-2025-59280
Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network...
CVE-2025-59280
Improper authentication in Windows SMB Client allows an unauthorized attacker to perform tampering over a network...
EUVD-2021-18118
Malware in sbrugna...
CVE-2025-54101 Windows SMB Client Remote Code Execution Vulnerability
...
KLA87445 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of...
About Elevation of Privilege – Windows SMB Client (CVE-2025-33073) vulnerability
About Elevation of Privilege - Windows SMB Client CVE-2025-33073 vulnerability. A vulnerability from the June Microsoft Patch Tuesday allows an attacker to execute a malicious script, forcing the victim's host to connect to the attacker's SMB server and authenticate, resulting in gaining SYSTEM...
CVE-2025-33073 Windows SMB Client Elevation of Privilege Vulnerability
...
CVE-2025-33073 Windows SMB Client Elevation of Privilege Vulnerability
...
CVE-2025-32718
CVE-2025-32718 : Integer overflow or wraparound in Windows SMB enables a locally authenticated attacker to elevate privileges. Connected sources confirm impact as local privilege escalation on Windows SMB, with CVSS v3.1 base score 7.8 (HIGH) and local attack vector. Public references in NVD/NCSC...
CVE-2025-32718 Windows SMB Client Elevation of Privilege Vulnerability
...
KLA84760 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of...
PT-2025-24857
Name of the Vulnerable Software and Affected Versions Microsoft Windows SMB Client affected versions not specified Description Improper access control in the Windows SMB Client, specifically within the mrxsmb.sys driver, allows an authorized or unauthenticated remote attacker to elevate privilege...
Security feature bypass
Windows SMB Client Security Feature Bypass Vulnerability...
Microsoft Windows SMB Client 安全特征问题漏洞
Microsoft Windows SMB Client is a Microsoft application. An SMB Client. Microsoft Windows SMB Client is vulnerable to a security feature issue. The following products and editions are affected:Windows 10 Version 2004 for 32-bit Systems,Windows 10 Version 2004 for ARM64-based Systems,Windows 10...
Information disclosure
An information disclosure vulnerability exists in Windows when the Windows SMB Client kernel-mode driver fails to properly handle objects in memory, aka 'Windows SMB Client Driver Information Disclosure Vulnerability'...
KLA11552 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, obtain sensitive information, spoof user interface, execute arbitrary code, bypass security restrictions. Below is a complete list of...
EEYE: Windows SMB Client Transaction Response Handling Vulnerability
Windows SMB Client Transaction Response Handling Vulnerability Release Date: February 8, 2005 Date Reported: August 2, 2004 Severity: High Remote Code Execution Vendor: Microsoft Systems Affected: Windows 2000 Windows XP Windows Server 2003 Overview: eEye Digital Security has discovered a...