Lucene search
K

7 matches found

CVE
CVE
added 2025/12/05 10:17 a.m.705 views

CVE-2025-59775

CVE-2025-59775 : SSRF in Apache HTTP Server on Windows when AllowEncodedSlashes On and MergeSlashes Off can leak NTLM hashes to a malicious server. Affected: Apache HTTP Server (Windows). Root cause: SSRF via UNC/NTLM-related handling as described in multiple security bulletins. Remediation: upgr...

7.5CVSS6.5AI score0.00771EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/11/11 1:47 p.m.14 views

CVE-2025-11696

CVE-2025-11696 affects Rockwell Automation Studio 5000 Simulation Interface via the API. Connected sources confirm two local vulnerabilities: (1) a local SSRF that lets any Windows user trigger outbound SMB requests to capture NTLM hashes, and (2) a local code execution issue (via path traversal)...

8.9CVSS6.2AI score0.00153EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/05 12:0 a.m.3 views

Emsisoft Anti-Malware 安全漏洞

Emsisoft Anti-Malware is an anti-virus software from Emsisoft New Zealand. The software has features such as malware protection and virus protection. A security vulnerability exists in versions prior to Emsisoft Anti-Malware 2024.12, which stems from a scanning module that allows Net-NTLMv2 hash...

7.5CVSS6.4AI score0.00385EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2025/07/21 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-52488

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted series of malicious interaction to potentially expose NTLM hashes to a third party SMB server. This issue has been...

8.6CVSS5.7AI score0.29345EPSS
In wildExploits1References77
OSV
OSV
added 2024/12/04 2:15 a.m.8 views

CVE-2024-45204

A vulnerability exists where a low-privileged user can exploit insufficient permissions in credential handling to leak NTLM hashes of saved credentials. The exploitation involves using retrieved credentials to expose sensitive NTLM hashes, impacting systems beyond the initial target and potential...

4.3CVSS5.8AI score0.00354EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/04/18 12:0 a.m.5 views

ZOHO ManageEngine ADSelfService Plus 安全漏洞

An information disclosure exists in Zoho ManageEngine ADSelfService Plus, ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. A vulnerability exists in Zoho ManageEngine ADSelfService Plus, which stems from the disclosure of...

8.8CVSS5.6AI score0.07724EPSS
Exploits4References6
OSV
OSV
added 2016/09/11 10:59 a.m.3 views

UBUNTU-CVE-2016-5166

The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and condu...

3.1CVSS6.8AI score0.0126EPSS
Exploits0References3
Rows per page
Query Builder