Lucene search
K

610 matches found

Trellix
Trellix
added 2025/12/17 12:0 a.m.5 views

The Fake Domain Controller You Didn’t See Coming: Detecting DCShadow Attacks Using Trellix NDR

The Fake Domain Controller You Didn’t See Coming: Detecting DCShadow Attacks Using Trellix NDR By Maulik Maheta and Chao Sun · December 17, 2025 Executive summary DCShadow is a covert post-exploitation technique that enables an attacker to impersonate a domain controller and make unauthorized,...

5.9AI score
Exploits0
OSV
OSV
added 2025/12/09 1:11 p.m.4 views

CLSA-2025-1765285897 Fix CVE(s): CVE-2021-3738

SECURITY UPDATE: use after free in Samba AD DC RPC server - debian/patches/CVE-2021-3738-pre.patch: prepare service routines before fixing CVE-2021-3738 - debian/patches/CVE-2021-3738.patch: avoids a crash caused by use-after-free in Samba AD DC RPC server - CVE-2021-3738.patch...

8.8CVSS7.2AI score0.01888EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/12/07 3:29 p.m.178 views

Exploit for CVE-2020-1472

zerologon-lab Scripts for a lab environment demonstrating the...

10CVSS7AI score0.99512EPSS
Exploits75
The Hacker News
The Hacker News
added 2025/11/12 11:7 a.m.7 views

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security

Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD's importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making ...

7.2AI score
Exploits0
OSV
OSV
added 2025/11/07 8:15 p.m.7 views

AZL-69830 CVE-2025-10230 affecting package samba 4.18.3-2

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...

10CVSS7.5AI score0.39677EPSS
Exploits2References1
OSV
OSV
added 2025/11/07 8:15 p.m.5 views

ALPINE-CVE-2025-10230

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...

10CVSS7.1AI score0.39677EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.7 views

Samba WINS hook RCE (CVE-2025-10230)

In the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active Directory Domain Controller's...

10CVSS7.5AI score0.39677EPSS
Exploits2References2
The Hacker News
The Hacker News
added 2025/10/27 8:55 a.m.15 views

Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack

The ransomware group known as Qilin aka Agenda, Gold Feather, and Water Galura has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its data leak site touching a high of 100 cases in June. The development comes as the...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-10230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or...

10CVSS6AI score0.39677EPSS
Exploits2References2
OSV
OSV
added 2025/10/21 9:35 p.m.6 views

CLSA-2025-1761082525 Fix CVE(s): CVE-2022-45141

SECURITY UPDATE: AD DC can be forced to issue rc4-hmac Kerberos tickets - debian/patches/CVE-2022-45141.patch: fix session key selection algorithm for selecting the ticket in strongest-to-weakest order, thus allowing the target server to select better encryption - CVE-2022-45141...

9.8CVSS5.8AI score0.00454EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/10/18 3:33 p.m.208 views

Exploit for CVE-2020-1472

Domain-Controller-DC-Exploitation-with-Metasploit-Impacket End...

10CVSS7.4AI score0.99512EPSS
Exploits75
SUSE CVE
SUSE CVE
added 2025/10/16 11:38 p.m.6 views

SUSE CVE-2025-10230

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...

10CVSS6.9AI score0.39677EPSS
Exploits2References11
Samba
Samba
added 2025/10/15 12:0 a.m.7 views

Command injection via WINS server hook script

Description If a Samba server has WINS support enabled it is off by default, and it has a 'wins hook' parameter specified, the program specified by that parameter will be run whenever a WINS name is changed. The WINS server used by the Samba Active Directory Domain Controller did not validate the...

10CVSS7AI score0.39677EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2025/10/15 12:0 a.m.4 views

CVE-2025-10230

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...

10CVSS7.5AI score0.39677EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-8651

Malware in sbrugna...

7.5CVSS7.6AI score0.02486EPSS
Exploits0References22
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-3172

Malware in sbrugna...

4.6CVSS6.4AI score0.01297EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-11593

Malware in sbrugna...

6.1CVSS6.3AI score0.01931EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2020-18372

Malware in sbrugna...

8.8CVSS7.4AI score0.01595EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-0533

Malware in sbrugna...

9.3CVSS7.9AI score0.06415EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-7986

Malware in sbrugna...

8.5CVSS7.4AI score0.04264EPSS
Exploits0References14
Rows per page
Query Builder