Lucene search
K

154 matches found

CNNVD
CNNVD
added 2023/07/24 12:0 a.m.5 views

Linux kernel 代码问题漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel, which stems from a flaw in the handling of the SMB2LOGOFF command, which lacks proper validation of pointers before they are accessed, and which can b...

7.5CVSS6.9AI score0.0406EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2023/07/05 12:48 p.m.45 views

CVE-2023-32257

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage th...

8.1CVSS6.9AI score0.02393EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/05/24 12:0 a.m.7 views

The vulnerability of the ksmbd module in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the ksmbd module in Linux operating systems is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure using the SMB2LOGOFF command...

7.8CVSS6.7AI score0.0406EPSS
Exploits0References14Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/05/24 12:0 a.m.6 views

The vulnerability of the ksmbd module in Linux operating systems allows a hacker to execute arbitrary code.

The vulnerability of the ksmbd module in Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using the SMB2QUERYINFO and SMB2LOGOFF commands...

8.1CVSS7.3AI score0.02393EPSS
Exploits0References13Affected Software3
BDU FSTEC
BDU FSTEC
added 2023/05/24 12:0 a.m.7 views

The vulnerability of the ksmbd module in Linux operating systems allows a hacker to execute arbitrary code.

The vulnerability of the ksmbd module in Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using the SMB2LOGOFF and SMB2CLOSE commands...

8.1CVSS7.3AI score0.02515EPSS
Exploits0References14Affected Software3
SUSE CVE
SUSE CVE
added 2023/05/20 2:16 a.m.4 views

SUSE CVE-2023-32252

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to creat...

7.5CVSS6.5AI score0.0406EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/05/20 2:16 a.m.5 views

SUSE CVE-2023-32258

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2LOGOFF and SMB2CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this...

8.1CVSS6.8AI score0.02515EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/05/20 2:16 a.m.5 views

SUSE CVE-2023-32256

A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue...

7.5CVSS6.4AI score0.00526EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/04/27 12:0 a.m.15 views

PT-2023-2816 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The issue results from the lack of proper locking when performing operations on an object,...

10CVSS7AI score0.71737EPSS
Exploits55References342
Positive Technologies
Positive Technologies
added 2023/04/27 12:0 a.m.7 views

PT-2023-2818 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2 LOGOFF commands. The issue results from the...

10CVSS6.6AI score0.71737EPSS
Exploits55References345
Positive Technologies
Positive Technologies
added 2023/04/27 12:0 a.m.12 views

PT-2023-2821 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2 LOGOFF and SMB2 CLOSE commands. The issue...

10CVSS7AI score0.71737EPSS
Exploits53References403
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.28 views

Siemens Desigo PXC and DXR Devices Insufficient Session Expiration (CVE-2022-24042)

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application returns an AuthToken that does not expire at the defined auto...

9.1CVSS8AI score0.00918EPSS
Exploits0References3
Citrix
Citrix
added 2022/06/22 12:0 a.m.9 views

NTUSER.DAT does not unload from the VDA servers after user logoff

Cached local profile does not get deleted asNTUSER.DAT does not get unloaded...

7AI score
Exploits0
Prion
Prion
added 2022/05/10 11:15 a.m.12 views

Authorization

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The web application returns an AuthToken that does not expire at the defined auto...

6.4CVSS8.9AI score0.00918EPSS
Exploits0References1Affected Software4
Citrix
Citrix
added 2022/04/07 12:0 a.m.8 views

AL 21.12: Office 365 users are prompted to login, use MFA, during every login

When a user logs off the VDI desktop then logs back in, opening any Office 365 app prompts for two-factor authentication login. This was not happening before the upgrade...

7.3AI score
Exploits0
Citrix
Citrix
added 2020/07/12 12:0 a.m.8 views

Graceful Logoff from a Published Application Renders the Session in Active State

Graceful logoffs from a published application launched in a seamless, fixed window, or as an RDP Initial Program, might result in the session not closing and the user being logged off. Sessions can be reset or exited correctly by manually resetting them, or by terminating remnant user processes i...

7.1AI score
Exploits0
Citrix
Citrix
added 2020/04/29 12:0 a.m.13 views

WEM Agent hung sporadically by logon on "application processing"

WEM Agent 1906 sporadically hung after few logins at "application processing". just logoff and logon helps. Client OS: Citrix Virtual Apps Server with Windows Server 2016 latest Updates Error Message in the Event Log: Error while Configuring Registry Security for DOMAIN\test1 Source: Norskale Age...

7AI score
Exploits0
Citrix
Citrix
added 2020/02/18 12:0 a.m.8 views

Logon/Logoff Issues with Citrix Profile Management and Opportunistic Locks (OpLocks)

Slow Logon's Slow Logoff's Sessions never logoff until the Lock is removed Sessions never logon until the Lock is removed Temporary Profiles...

7.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/02/12 12:0 a.m.5 views

The vulnerability of the Oracle FLEXCUBE Direct Banking (Logoff Page) component of the banking analytics system in the Oracle Financial Services Applications model allows a perpetrator to gain access to protected information.

The vulnerability of the Oracle FLEXCUBE Direct Banking Logoff Page component of the banking analytics system in the Oracle Financial Services Applications is related to insufficient access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain...

6.4CVSS6.7AI score0.01123EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/01/16 7:30 p.m.2 views

CVE-2019-2550

Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications subcomponent: Logoff Page. The supported version that is affected is 12.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

4.3CVSS6.1AI score0.01192EPSS
Exploits0References2
Rows per page
Query Builder