154 matches found
Linux kernel 代码问题漏洞
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from a flaw in the handling of the SMB2LOGOFF command, which lacks proper validation of pointers before they are accessed, and which can b...
CVE-2023-32257
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage th...
The vulnerability of the ksmbd module in Linux operating systems allows a hacker to trigger a service failure.
The vulnerability of the ksmbd module in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure using the SMB2LOGOFF command...
The vulnerability of the ksmbd module in Linux operating systems allows a hacker to execute arbitrary code.
The vulnerability of the ksmbd module in Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using the SMB2QUERYINFO and SMB2LOGOFF commands...
The vulnerability of the ksmbd module in Linux operating systems allows a hacker to execute arbitrary code.
The vulnerability of the ksmbd module in Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using the SMB2LOGOFF and SMB2CLOSE commands...
SUSE CVE-2023-32252
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to creat...
SUSE CVE-2023-32258
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...
SUSE CVE-2023-32256
A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...
PT-2023-2816 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The issue results from the lack of proper locking when performing operations on an object,...
PT-2023-2818 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2 LOGOFF commands. The issue results from the...
PT-2023-2821 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2 LOGOFF and SMB2 CLOSE commands. The issue...
Siemens Desigo PXC and DXR Devices Insufficient Session Expiration (CVE-2022-24042)
A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application returns an AuthToken that does not expire at the defined auto...
NTUSER.DAT does not unload from the VDA servers after user logoff
Cached local profile does not get deleted asNTUSER.DAT does not get unloaded...
Authorization
A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application returns an AuthToken that does not expire at the defined auto...
AL 21.12: Office 365 users are prompted to login, use MFA, during every login
When a user logs off the VDI desktop then logs back in, opening any Office 365 app prompts for two-factor authentication login. This was not happening before the upgrade...
Graceful Logoff from a Published Application Renders the Session in Active State
Graceful logoffs from a published application launched in a seamless, fixed window, or as an RDP Initial Program, might result in the session not closing and the user being logged off. Sessions can be reset or exited correctly by manually resetting them, or by terminating remnant user processes i...
WEM Agent hung sporadically by logon on "application processing"
WEM Agent 1906 sporadically hung after few logins at "application processing". just logoff and logon helps. Client OS: Citrix Virtual Apps Server with Windows Server 2016 latest Updates Error Message in the Event Log: Error while Configuring Registry Security for DOMAIN\test1 Source: Norskale Age...
Logon/Logoff Issues with Citrix Profile Management and Opportunistic Locks (OpLocks)
Slow Logon's Slow Logoff's Sessions never logoff until the Lock is removed Sessions never logon until the Lock is removed Temporary Profiles...
The vulnerability of the Oracle FLEXCUBE Direct Banking (Logoff Page) component of the banking analytics system in the Oracle Financial Services Applications model allows a perpetrator to gain access to protected information.
The vulnerability of the Oracle FLEXCUBE Direct Banking Logoff Page component of the banking analytics system in the Oracle Financial Services Applications is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain...
CVE-2019-2550
Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications subcomponent: Logoff Page. The supported version that is affected is 12.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...