Lucene search
K

1600 matches found

Packet Storm News
Packet Storm News
added 2026/12/29 12:0 a.m.362 views

GNUnet P2P Framework 0.26.2

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago9 views

Malicious code in solidity-dev (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30501f6602a5b5b436ef5d6224ec332fa866c9e8b9da4d0de3bc69de868b1fff soliditydev/init.py contains a large base64-encoded Linux x8664 ELF binary in PAYLOADB64. On import soliditydev, the module decodes the blob, writes ...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago9 views

Malicious code in defi-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a2562ad49633ee8c845db08a485394cb31c7de12d9f87eb3f8ef0ab61fb5128 On first import, defitools/init.py decodes a base64-embedded 486KB Linux ELF, writes it to /.config/.npm-cache/snapd-network, sets mode 0777, and...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago8 views

Malicious code in data-harvester (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21c2e2c21d9afac9277d95589962d33a09651a5b6ef7e0b3c9e07aee56af213f On first import, dataharvester/init.py decodes a base64-embedded 486KB Linux ELF, writes it to /.config/.npm-cache/snapd-network, sets mode 0777, and...

6.2AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/30 11:30 a.m.6 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS6.7AI score0.00353EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2026/06/29 7:55 p.m.4 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.8AI score0.00353EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2026/06/23 1:24 a.m.4 views

samba: Missing access check on reparse point operations

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

7.1CVSS5.8AI score0.00862EPSS
Exploits0References5
Amazon
Amazon
added 2026/06/22 12:0 a.m.5 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon...

7.8CVSS5.7AI score0.00353EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2026/06/17 1:20 a.m.7 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.3AI score0.00353EPSS
Exploits4References7
NVD
NVD
added 2026/06/16 8:16 a.m.13 views

CVE-2026-10093

The File Sharing & Download Manager – User Private Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fldrttl' parameter in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS0.00235EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/16 7:46 a.m.11 views

EUVD-2026-37041

The File Sharing & Download Manager – User Private Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fldrttl' parameter in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.5AI score0.00235EPSS
Exploits0References9
CVE
CVE
added 2026/06/16 7:46 a.m.20 views

CVE-2026-10093

The CVE-2026-10093 describes a Stored Cross-Site Scripting vulnerability in the WordPress plugin File Sharing & Download Manager – User Private Files . Affected versions are all up to and including 2.1.6 . The issue stems from insufficient input sanitization and output escaping in the fldr_ttl pa...

6.4CVSS5.5AI score0.00235EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/06/15 2:29 a.m.9 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS6.5AI score0.00353EPSS
Exploits4References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:13 p.m.9 views

CVE-2026-40514

SmarterTools SmarterMail builds prior to 9610 contain a cryptographic weakness in the file and email sharing endpoints that use DES-CBC encryption with keys and initialization vectors derived from System.Random seeded with insufficient entropy, reducing the seed space to approximately 19,000...

9.1CVSS5.5AI score0.00155EPSS
Exploits0References1
HackRead
HackRead
added 2026/06/01 10:40 p.m.25 views

Why Encrypted File Sharing Is Essential for Modern Businesses

Consider the history of any recent corporate scandal, and it is quite possible to guess what the story…...

5.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/01 5:36 p.m.13 views

CVE-2026-41013 Tenant-controlled comma smuggles arbitrary CIFS mount options

Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the mount-option allowlist, enabling privilege escalation and security control bypass on multi-tenant...

5.9AI score0.00239EPSS
Exploits0References1
Elastic
Elastic
added 2026/05/28 7:24 p.m.14 views

8.19.16, 9.3.5 Security Update (ESA-2026-33)

Operation on a Resource after Expiration or Termination in Kibana Leading to Unauthorized File Access Operation on a Resource after Expiration or Termination CWE-672 in Kibana can lead to unauthorized information disclosure. A logic error in how expiration timestamps were validated allowed a...

5.3CVSS5.7AI score0.00238EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Gladinet Triofox 安全漏洞

Gladinet Triofox is an enterprise file sharing and remote access platform developed by the American company Gladinet. There is a security vulnerability in Gladinet Triofox, which stems from the WOSSysInfoGetDeviceInterface function returning a null pointer without proper checking. This could lead...

7.5CVSS5.8AI score0.00275EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed the session state check when reconnecting to avoid a use-after-free issue. Do not collect the exiting session in smb2reconnectserver, as it will be released soon...

5.3AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

A flaw was discovered in the handling of SMB2 read requests within the kernel’s ksmbd module. The issue arises due to the lack of proper validation of user-provided data, which can lead to reading data beyond the end of an allocated buffer. An attacker can exploit this vulnerability to disclose...

7.5CVSS7AI score0.01095EPSS
Exploits0References2
Rows per page
Query Builder