Lucene search
+L

6 matches found

CVE
CVE
added 2025/12/05 10:17 a.m.728 views

CVE-2025-59775

CVE-2025-59775 : SSRF in Apache HTTP Server on Windows when AllowEncodedSlashes On and MergeSlashes Off can leak NTLM hashes to a malicious server. Affected: Apache HTTP Server (Windows). Root cause: SSRF via UNC/NTLM-related handling as described in multiple security bulletins. Remediation: upgr...

7.5CVSS6.5AI score0.00784EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/11/11 1:47 p.m.19 views

CVE-2025-11696

CVE-2025-11696 affects Rockwell Automation Studio 5000 Simulation Interface via the API. Connected sources confirm two local vulnerabilities: (1) a local SSRF that lets any Windows user trigger outbound SMB requests to capture NTLM hashes, and (2) a local code execution issue (via path traversal)...

8.9CVSS6.2AI score0.00167EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/05 12:0 a.m.4 views

Emsisoft Anti-Malware 安全漏洞

Emsisoft Anti-Malware is an anti-virus software from Emsisoft New Zealand. The software has features such as malware protection and virus protection. A security vulnerability exists in versions prior to Emsisoft Anti-Malware 2024.12, which stems from a scanning module that allows Net-NTLMv2 hash...

7.5CVSS6.4AI score0.00402EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2025/07/21 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-52488

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted series of malicious interaction to potentially expose NTLM hashes to a third party SMB server. This issue has been...

8.6CVSS5.7AI score0.30628EPSS
In wildExploits1References77
CNNVD
CNNVD
added 2022/04/18 12:0 a.m.7 views

ZOHO ManageEngine ADSelfService Plus 安全漏洞

An information disclosure exists in Zoho ManageEngine ADSelfService Plus, ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. A vulnerability exists in Zoho ManageEngine ADSelfService Plus, which stems from the disclosure of...

8.8CVSS5.6AI score0.07947EPSS
Exploits4References6
OSV
OSV
added 2016/09/11 10:59 a.m.4 views

UBUNTU-CVE-2016-5166

The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and condu...

3.1CVSS6.8AI score0.0126EPSS
Exploits0References3
Rows per page
Query Builder