Lucene search
K

1853 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fixed the directory separator in SMB1 UNIX mounts. When calling cifsmountgettcon with SMB1 UNIX mounts, @cifssb-mntcifsflags needs to be read or updated only after calling resetcifsunixcaps. Otherwise, the...

5.5CVSS5.7AI score0.001EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed the off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value. However, eadata is located at offset sizeofstruct smb2filefulleainfo = 8 from ea, not ...

7.1CVSS6.2AI score0.00126EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: When a multichannel SMB2SESSIONSETUP request with SMB2SESSIONREQFLAGBINDING fails, ksmbd sets conn-binding = true, but never clears this value during the error path. As a result, the connection remains in a binding state,...

8.8CVSS5.2AI score0.00454EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: Client: Fixed a potential Use-after-Free UAF in smb2isvalidoplockbreak. Skipped sessions that are being torn down status == SESEXITING to avoid UAF...

5.5CVSS5.7AI score0.00225EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/17 10:29 p.m.7 views

CVE-2026-48818

A flaw was found in Starlette, a lightweight ASGI framework. On Windows systems, the StaticFiles component is vulnerable to Server-Side Request Forgery SSRF. A remote attacker can exploit this by providing a specially crafted Universal Naming Convention UNC path, which causes the system to initia...

7.5CVSS5AI score0.00368EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 12:5 p.m.9 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.4AI score0.00353EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2026/06/17 9:22 a.m.6 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.3AI score0.00353EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2026/06/17 6:53 a.m.4 views

kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions

A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges...

7.8CVSS5.3AI score0.00353EPSS
Exploits4References7
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.18 views

PT-2026-50000

Name of the Vulnerable Software and Affected Versions Oracle JD Edwards EnterpriseOne General Ledger version 9.2 Description A flaw in the E1 Foundation component allows a low-privileged attacker with network access via SMB Server Message Block, a network file sharing protocol to compromise the...

9.9CVSS5.8AI score0.00301EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/15 8:16 p.m.9 views

Server-side Request Forgery (SSRF)

Overview starlette is a The little ASGI library that shines. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the StaticFiles file on Windows systems when handling UNC paths. An attacker can obtain NTLMv2 credentials of the service account by sending a...

8.8CVSS5.4AI score0.00368EPSS
Exploits0References2
Snyk
Snyk
added 2026/06/15 5:18 p.m.9 views

External Control of File Name or Path

Overview org.webjars.npm:launch-editor is a launch editor from node.js Affected versions of this package are vulnerable to External Control of File Name or Path in the handling of UNC paths on Windows systems. An attacker can obtain NTLMv2 password hashes by tricking a user into accessing a...

8.3CVSS5.3AI score0.00322EPSS
Exploits0References2
OSV
OSV
added 2026/06/15 5:11 p.m.3 views

SUSE-SU-2026:22137-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in fscontext error paths bsc1248235. - CVE-2025-68324: scsi: imm: Fix use-after-free bug cause...

9.8CVSS5.6AI score0.93235EPSS
Exploits40References208
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.6 views

RHEL 10 : kernel (RHSA-2026:25908)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25908 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: afcan: do not leave a...

7.8CVSS5.5AI score0.00353EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.11 views

AlmaLinux 9 : kernel (ALSA-2026:24381)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:24381 advisory. kernel: smb: client: fix OOB reads parsing symlink error response CVE-2026-31613 kernel: Buffer overflow in drivers/xen/sys-hypervisor.c CVE-2026-31786...

8.1CVSS6.9AI score0.00378EPSS
Exploits4References5
OSV
OSV
added 2026/06/11 6:0 a.m.6 views

RLSA-2026:23259 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 For more details about the security issues,...

7.8CVSS5.5AI score0.00353EPSS
Exploits4References2
OSV
OSV
added 2026/06/11 6:0 a.m.7 views

RLSA-2026:23258 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

7.8CVSS5.5AI score0.00353EPSS
Exploits4References2
Rockylinux
Rockylinux
added 2026/06/11 6:0 a.m.21 views

kernel security update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

7.8CVSS5.5AI score0.00353EPSS
Exploits4
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

VMware Spring Integration 路径遍历漏洞

VMware Spring Integration is an enterprise application integration framework developed by VMware, Inc. Versions 7.0.0 to 7.0.4, 6.5.0 to 6.5.8, 6.4.0 to 6.4.11, 6.3.0 to 6.3.14, and 5.5.0 to 5.5.20 of VMware Spring Integration have a path traversal vulnerability. This vulnerability arises due to...

7.1CVSS5.5AI score0.0021EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.10 views

Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7408-3)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7408-3 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

7.8CVSS7.7AI score0.00276EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.9 views

Ubuntu 20.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-7701-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7701-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

9.8CVSS5.7AI score0.01483EPSS
Exploits0References8
Rows per page
Query Builder