Lucene search
+L

182 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-22039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix overflow in dacloffset bounds check The dacloffset field was originally typed as int and used in an unchecked addition, which could overflow and bypa...

7.1CVSS6.7AI score0.00257EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed an overflow issue in the bounds check of the dacloffset field. The dacloffset field was originally defined as an int type and was used in an unchecked addition. This could lead to an overflow condition, bypassing the...

7.1CVSS6.2AI score0.00257EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:9 a.m.8 views

CVE-2019-19741

Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege escalation due to arbitrary directory DACL manipulation, a different issue than CVE-2019-19247 and CVE-2019-19248. When Origin.exe connects to the named pipe OriginClientService, the privileged service verifies the client's...

7.8CVSS6.8AI score0.00723EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:26 a.m.6 views

CVE-2019-13142

The RzSurroundVADStreamingService RzSurroundVADStreamingService.exe in Razer Surround 1.1.63.0 runs as the SYSTEM user using an executable located in %PROGRAMDATA%\Razer\Synapse\Devices\Razer Surround\Driver\. The DACL on this folder allows any user to overwrite contents of files in this folder,...

6.6CVSS6.9AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 3:15 p.m.2 views

DEBIAN-CVE-2025-22039

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix overflow in dacloffset bounds check The dacloffset field was originally typed as int and used in an unchecked addition, which could overflow and bypass the existing bounds check in both smbcheckpermdacl and...

7.1CVSS5.7AI score0.00257EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 3:15 p.m.4 views

UBUNTU-CVE-2025-22039

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix overflow in dacloffset bounds check The dacloffset field was originally typed as int and used in an unchecked addition, which could overflow and bypass the existing bounds check in both smbcheckpermdacl and...

7.1CVSS6.2AI score0.00257EPSS
Exploits0References24
SUSE CVE
SUSE CVE
added 2025/02/27 3:8 a.m.4 views

SUSE CVE-2022-49366

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in smbcheckpermdacl. When "id" and "uid" have the same value, the function simply jumps out of the loop without decrementing the reference...

5.5CVSS6.5AI score0.00245EPSS
Exploits0References3
OSV
OSV
added 2025/02/26 7:1 a.m.8 views

UBUNTU-CVE-2022-49366

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in smbcheckpermdacl. When "id" and "uid" have the same value, the function simply jumps out of the loop without decrementing the reference...

5.5CVSS5.7AI score0.00245EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the smbcheckpermdacl function not releasing the reference count of posixacls at a specific path, which could...

5.5CVSS5AI score0.00245EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/11/07 12:0 a.m.10 views

PT-2024-16343 · Rapid7 · Rapid7 Velociraptor Msi Installer

Name of the Vulnerable Software and Affected Versions: Rapid7 Velociraptor MSI Installer versions prior to 0.73.3 Description: The issue arises from the Rapid7 Velociraptor MSI Installer creating the installation directory with WRITE DACL permission to the BUILTINUsers group. This allows local...

8.6CVSS7.9AI score0.00165EPSS
Exploits0References9
OSV
OSV
added 2024/05/21 4:15 p.m.4 views

DEBIAN-CVE-2023-52755

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab out of bounds write in smbinheritdacl slab out-of-bounds write is caused by that offsets is bigger than pntsd allocation size. This patch add the check to validate 3 offsets using allocation size...

8.4CVSS6.3AI score0.26864EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/05/21 3:30 p.m.18 views

CVE-2023-52755

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab out of bounds write in smbinheritdacl slab out-of-bounds write is caused by that offsets is bigger than pntsd allocation size. This patch add the check to validate 3 offsets using allocation size...

8.4CVSS8.4AI score0.26864EPSS
Exploits0
NVD
NVD
added 2024/05/14 3:16 p.m.8 views

CVE-2024-29513

An issue in briscKernelDriver.sys in BlueRiSC WindowsSCOPE Cyber Forensics before 3.3 allows a local attacker to execute arbitrary code within the driver and create a local denial-of-service condition due to an improper DACL being applied to the device the driver creates...

7.8CVSS7.2AI score0.00409EPSS
Exploits0References1
CVE
CVE
added 2024/05/13 7:32 p.m.71 views

CVE-2024-29513

CVE-2024-29513 impacts BlueRiSC WindowsSCOPE Cyber Forensics prior to version 3.3, via briscKernelDriver.sys. The root cause is an improper DACL on the device the driver creates, enabling a local attacker to execute arbitrary code within the driver and cause a local denial-of-service condition. T...

7.8CVSS7.5AI score0.00409EPSS
Exploits0References1
OSV
OSV
added 2024/05/03 3:15 a.m.5 views

CVE-2023-42126

G DATA Total Security GDBackupSvc Service Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G Data Total Security. An attacker must first obtain the ability to execute low-privileged code on the...

7.8CVSS6.2AI score0.00396EPSS
Exploits0References1
NVD
NVD
added 2024/05/03 3:15 a.m.12 views

CVE-2023-42126

G DATA Total Security GDBackupSvc Service Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G Data Total Security. An attacker must first obtain the ability to execute low-privileged code on the...

7.8CVSS7.8AI score0.00396EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/03 2:13 a.m.14 views

CVE-2023-42126 G DATA Total Security GDBackupSvc Service Link Following Local Privilege Escalation Vulnerability

G DATA Total Security GDBackupSvc Service Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G Data Total Security. An attacker must first obtain the ability to execute low-privileged code on the...

7.8CVSS7.3AI score0.00396EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 2:13 a.m.49 views

CVE-2023-42126

CVE-2023-42126 affects G Data Total Security, specifically the GDBackupSvc service. The flaw allows a local attacker who can run low-privilege code to create a symbolic link that enables the service to write a file with a permissive DACL, enabling privilege escalation to SYSTEM and the execution ...

7.8CVSS7.8AI score0.00396EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/03 2:13 a.m.15 views

CVE-2023-42126 G DATA Total Security GDBackupSvc Service Link Following Local Privilege Escalation Vulnerability

G DATA Total Security GDBackupSvc Service Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of G Data Total Security. An attacker must first obtain the ability to execute low-privileged code on the...

7.8CVSS8AI score0.00396EPSS
Exploits0References1
NVD
NVD
added 2024/04/30 2:15 p.m.20 views

CVE-2023-50914

A Privilege Escalation issue in the inter-process communication procedure from GOG Galaxy Beta 2.0.67.2 through v2.0.71.2 allows authentictaed users to change the DACL of arbitrary system directories to include Everyone full control permissions by modifying the FixDirectoryPrivileges instruction...

6.7CVSS6.6AI score0.00701EPSS
Exploits1References4
Rows per page
Query Builder