208 matches found
UBUNTU-CVE-2025-22037
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...
CVE-2025-22037
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in allocpreauthhash The Client send malformed smb2 negotiate request. ksmbd return error response. Subsequently, the client can send smb2 session setup even thought conn-preauthinfo is not...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference when ksmbd is not assigned preauthinfo...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: The binding mark of a reused connection was unset. Steve French reported a null pointer dereference error from the sha256 library. The cifs.ko module can send session setup requests using a reused connection. If a reuse...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: The issue related to “slab-use-after-free” in smb3preauthhashrsp has been fixed. The function ksmbdusersessionput should be called under smb3preauthhashrsp. This will prevent freeing a session before calling...
ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp
...
SUSE CVE-2024-50283
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3preauthhashrsp ksmbdusersessionput should be called under smb3preauthhashrsp. It will avoid freeing session before calling smb3preauthhashrsp...
DEBIAN-CVE-2024-50283
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3preauthhashrsp ksmbdusersessionput should be called under smb3preauthhashrsp. It will avoid freeing session before calling smb3preauthhashrsp...
UBUNTU-CVE-2024-50283
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3preauthhashrsp ksmbdusersessionput should be called under smb3preauthhashrsp. It will avoid freeing session before calling smb3preauthhashrsp...
CVE-2024-50283 ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3preauthhashrsp ksmbdusersessionput should be called under smb3preauthhashrsp. It will avoid freeing session before calling smb3preauthhashrsp...
AZL-49383 CVE-2024-46795 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...
DEBIAN-CVE-2024-46795
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...
UBUNTU-CVE-2024-46795
In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset the binding mark of a reused connection Steve French reported null pointer dereference error from sha256 lib. cifs.ko can send session setup requests on reused connection. If reused connection is used for binding...
Exploit for Code Injection in Gitlab
CVE-2021-22205 Preauth RCE via exiftool on Gitlab CE/EE...
Juniper SRX Firewalls&EX switches - PreAuth Remote Code Execution Exploit
Exploit Title: juniper-SRX-Firewalls&EX-switches PreAuth-RCE PoC Description: This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo function on the login page of the target device, allowing to inspect the PHP configuration. also this...
Juniper-SRX-Firewalls&EX-switches - (PreAuth-RCE) (PoC)
Exploit Title: juniper-SRX-Firewalls&EX-switches PreAuth-RCE PoC Description: This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo function on the login page of the target device, allowing to inspect the PHP configuration. also this...
CVE-2023-38320
An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a showpreauthpage NULL pointer dereference that can be triggered with a crafted GET HTTP with a missing User-Agent header. Triggering this issue results in crashing OpenNDS a Denial-of-Service condition. This problem...
Exploit for CVE-2023-38646
Poc-Metabase-Preauth-CVE-2023-38646 Ho to use? λ cve git...
Exploit for CVE-2023-38646
Poc-Metabase-Preauth-CVE-2023-38646 Ho to use? λ cve git...
Exploit for CVE-2023-38646
Poc-Metabase-Preauth-CVE-2023-38646 Ho to use? λ cve git...