22 matches found
CVE-2025-66413
Git for Windows is the Windows port of Git. Prior to 2.53.02, it is possible to obtain a user's NTLM hash by tricking them into cloning from a malicious server. Since NTLM hashing is weak, it is possible for the attacker to brute-force the user's account name and password. This vulnerability is...
CVE-2026-26333 Calero VeraSMART < 2022 R1 .NET Remoting Arbitrary File Read Leading to ViewState RCE
Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port 8001. The service publishes default ObjectURIs including EndeavorServer.rem and RemoteFileReceiver.rem and permits the use of SOAP and binary formatters with TypeFilterLevel set to Full. An...
CVE-2025-68621 Trilium Notes has a Timing Attack Vulnerability in /api/login/sync
Trilium Notes is an open-source, cross-platform hierarchical note taking application with focus on building large personal knowledge bases. Prior to 0.101.0, a critical timing attack vulnerability in Trilium's sync authentication endpoint allows unauthenticated remote attackers to recover HMAC...
CVE-2024-45301 ZDI-CAN-24744: Mintty Path Conversion Improper Input Validation Information Disclosure Vulnerability
Mintty is a terminal emulator for Cygwin, MSYS, and WSL. In versions 2.3.6 through 3.7.4, several escape sequences can cause the mintty process to access a file in a specific path. It is triggered by simply printing them out on bash. An attacker can specify an arbitrary network path, negotiate an...
CVE-2025-11696
A local server-side request forgery (SSRF) security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes...
Newforma Project Center Server Information Disclosure Vulnerability (CNVD-2025-25888)
Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction (AEC) industry from Newforma for centralized storage and management of project documents and collaboration. An information disclosure vulnerability exists in Newforma Proje...
PT-2025-32777
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions (affected versions not specified). Description: This issue involves a security flaw in Windows File Explorer that allows an attacker to extract NTLM hashes without user interaction, even on systems with the latest securi...
Dnn.Platform Information Disclosure Vulnerability
Dnn.Platform is an open source web content management platform (CMS) open sourced by Dnn Software. An information disclosure vulnerability exists in versions of Dnn.Platform prior to 10.0.1, which stems from a malicious interaction that exposes an NTLM hash, potentially leading to information...
CVE-2023-29446
An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an adversary to capture NTLMv2 hashes and potentially crack them offline...
SUSE CVE-2024-40898
SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue...
PT-2024-31482 · Veeam · Veeam Backup & Replication
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials...
[SECURITY] [DSA 5777-1] booth security update
Debian Security Advisory DSA-5777-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 27, 2024 https://www.debian.org/security/faq -...
Debian dsa-5777 : booth - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5777 advisory. Debian Security Advisory DSA-5777-1 [email protected] https://www.debian.org/security/ Moritz...
httpd: SSRF in Apache HTTP Server on Windows
A flaw was found in httpd on Windows systems. This issue potentially allows NTLM hashes to be leaked to a malicious server via Server-side request forgery (SSRF) and malicious requests or content...
PTC Kepware KEPServerEX Input Validation Error Vulnerability
PTC Kepware KEPServerEX is an industrial automation data connectivity solution from PTC Corporation. PTC Kepware KEPServerEX 6.14.263.0 and earlier versions suffer from an input validation error vulnerability that stems from easy UNC path injection via a malicious project file. By tricking a user...
JetBrains IntelliJ IDEA Security Vulnerability
JetBrains IntelliJ IDEA is a set of integrated development environments for the Java language from the Czech company JetBrains. A security vulnerability exists in JetBrains IntelliJ IDEA versions prior to 2023.1, which stems from the possibility that NTLM hashes could be leaked through API method...
BruteShark - Network Analysis Tool
BruteShark is a Network Forensic Analysis Tool (NFAT) that performs deep processing and inspection of network traffic (mainly PCAP files, but it is also capable of directly live capturing from a network interface). It includes: password extracting, building a network map, reconstructing TCP sessions, extra...
DEBIAN-CVE-2019-0201
An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL command doesn’t check any permission when it retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as a plaintext string. DigestAuthenticationProvider...
Digital Guardian Management Console Server-Side Cross-Site Request Forgery Vulnerability
Digital Guardian Management Console is a suite of data protection software from Digital Guardian, Inc. in the United States. The software is capable of providing software that locates enterprise networks, servers, databases, and clouds to stop malicious behavior by users or malware on endpoints. ...
CVE-2017-11786
Skype for Business in Microsoft Lync 2013 SP1 and Skype for Business 2016 allows an attacker to steal an authentication hash that can be reused elsewhere, due to how Skype for Business handles authentication requests, aka "Skype for Business Elevation of Privilege Vulnerability."...