Lucene search
K

154 matches found

Nuclei
Nuclei
added 14 hours ago25 views

SAP Solution Manager - Open Redirect

SAP Solution Manager contains an open redirect vulnerability via the logoff endpoint. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-26836 info: name: SAP Solution Manager - Open...

6.1CVSS6.4AI score0.02338EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53271

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither...

5.5CVSS6.1AI score0.00119EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/26 9:59 a.m.7 views

CVE-2026-53271

A flaw was found in the ksmbd component of the Linux kernel. A remote attacker could exploit a NULL-dereference vulnerability in the oplock/lease break notifiers. This occurs because opinfo-conn is read without proper checks, allowing a concurrent Server Message Block SMB2 LOGOFF to set op-conn t...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:7 a.m.6 views

SUSE CVE-2026-53271

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

5.8AI score0.00119EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53271

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

5.5CVSS0.00119EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53271

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

6CVSS5.7AI score0.00119EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.13 views

CVE-2026-53271

CVE-2026-53271 affects the Linux kernel ksmbd component. The vulnerability is a NULL-deref in oplock/lease break notifiers: smb2_oplock_break_noti() and smb2_lease_break_noti() read opinfo->conn into a local buffer without READ_ONCE and without a NULL check. After opinfo_get_list() drops ci-&g...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References5Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed the session state check when reconnecting to avoid a use-after-free issue. Do not collect the exiting session in smb2reconnectserver, as it will be released soon...

5.3AI score0.00172EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel. A race condition between the smb2 close operation and logoff in multi-channel connections could lead to a use-after-free issue...

7.5CVSS7.1AI score0.00526EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw occurs during the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue arises due to the lack of proper locking when performing operations on an object. An...

8.1CVSS6.7AI score0.02393EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue arises from the lack of proper locking when performing operations on an object. An attacker can...

8.1CVSS6.8AI score0.02515EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw occurs during the handling of SMB2LOGOFF commands. The issue arises from the lack of proper validation of a pointer before accessing it. An attacker can exploit this...

7.5CVSS6.5AI score0.0406EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2026/04/28 12:0 a.m.122 views

📄 Microsoft WinLogon Registry Deletion / Privilege Escalation

This code represents a highly destructive proof of concept targeting Windows WinLogon and Registry access control mechanisms to achieve privilege escalation and system integrity compromise. The exploit is built around abusing Registry symbolic links and session-based Accessibility paths to redire...

7.8CVSS5.6AI score0.03178EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed the use-of-free issue in session logoff. The sess-user object may currently be used by another thread. For example, if another connection sends a session setup request to make the session available for use. The...

7.8CVSS6.5AI score0.00384EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2025/12/12 12:7 p.m.4 views

CVE-2025-64990

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Explorer-TachyonCore-LogoffUser instruction prior V21.1. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation...

6.8CVSS8AI score0.00732EPSS
Exploits0References1
OSV
OSV
added 2025/12/11 12:16 p.m.5 views

CVE-2025-64990

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Explorer-TachyonCore-LogoffUser instruction prior V21.1. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation...

7.2CVSS6.2AI score0.00732EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/11 11:27 a.m.4 views

CVE-2025-64990 Command Injection in 1E-Explorer-TachyonCore-LogoffUser Instruction

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Explorer-TachyonCore-LogoffUser instruction prior V21.1. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation...

6.8CVSS7.6AI score0.00732EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/11 11:27 a.m.32 views

CVE-2025-64990 Command Injection in 1E-Explorer-TachyonCore-LogoffUser Instruction

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Explorer-TachyonCore-LogoffUser instruction prior V21.1. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation...

6.8CVSS0.00732EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 1:16 a.m.7 views

UBUNTU-CVE-2023-53794

In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2reconnectserver, because it will be released soon. Note that the exiting session will stay in server-smbseslist until i...

5.7AI score0.00172EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/12/09 12:0 a.m.2 views

CVE-2023-53794

In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2reconnectserver, because it will be released soon. Note that the exiting session will stay in server-smbseslist until i...

5.2AI score0.00172EPSS
Exploits0
Rows per page
Query Builder