Lucene search
K

1784 matches found

Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.6 views

CVE-2026-43378

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2open The opinfo pointer obtained via rcudereferencefp-fopinfo is dereferenced after rcureadunlock, creating a use-after-free window...

9.8CVSS5.7AI score0.00308EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.7 views

CVE-2026-43362

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

5.8AI score0.00217EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.7 views

CVE-2026-43362

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

8.1CVSS5.7AI score0.00217EPSS
Exploits0
NVD
NVD
added 2026/05/08 2:16 p.m.9 views

CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

7.6CVSS0.00224EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/05/08 2:16 p.m.7 views

CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

7.6CVSS5.8AI score0.00224EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/08 1:41 p.m.36 views

CVE-2026-43350 smb: client: require a full NFS mode SID before reading mode bits

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

7.6CVSS0.00224EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/08 1:41 p.m.10 views

CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

7.6CVSS5.7AI score0.00224EPSS
Exploits0
NVD
NVD
added 2026/05/08 6:16 a.m.18 views

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

7.5CVSS0.00591EPSS
Exploits7References2
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.7 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from ksmbd’s ability to record key bytes during SMB3 signature and encryption key generation, potentially...

8.1CVSS5.8AI score0.00248EPSS
Exploits0References1
CVE
CVE
added 2026/05/08 12:0 a.m.52 views

CVE-2024-27686

CVE-2024-27686 affects MikroTik RouterOS on x86, with versions 6.40.5 through 6.49.10 vulnerable to remote denial of service via specially crafted SMB data on TCP port 445; 6.49.10 is among the tested ranges and the fix is in version 7. The root cause involves handling of SMB requests that can cr...

7.5CVSS5.8AI score0.00591EPSS
Exploits7References2
Vulnrichment
Vulnrichment
added 2026/05/08 12:0 a.m.7 views

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

5.8AI score0.00591EPSS
Exploits7References2
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.10 views

Mikrotik RouterOS 资源管理错误漏洞

Mikrotik RouterOS is an operating system for network devices developed by the Latvian company Mikrotik. There were resource management vulnerabilities in the Mikrotik RouterOS x86 version 6.40.5 to 6.49.10. These vulnerabilities stemmed from the SMB service’s handling of specially crafted packets...

7.5CVSS5.8AI score0.00591EPSS
Exploits7References1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.13 views

PT-2026-39023

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.10 Description A flaw exists in the SMB client where the SMB2 write function places the write payload in iov1..n as part of rq iov. Because smb3 init transform rq pointer-shares rq iov, the crypt message functi...

8.1CVSS5.5AI score0.00217EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/08 12:0 a.m.9 views

CVE-2024-27686

Mikrotik RouterOS x86 6.40.5 through 6.49.10 fixed in 7 allows a remote attacker to cause a denial of service device crash via crafted packet data to the SMB service on TCP port 445...

5.8AI score0.00591EPSS
Exploits7References3
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.21 views

PT-2026-39001

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the SMB client where the parse dacl function incorrectly handles Access Control Entry ACE SIDs. The function treats an ACE SID matching sid unix NFS mode as an NFS mode...

9.8CVSS6AI score0.93235EPSS
Exploits31References57
RedhatCVE
RedhatCVE
added 2026/05/06 10:52 p.m.9 views

CVE-2026-43239

A flaw was found in the Linux kernel's Server Message Block SMB client. A race condition exists where multiple operations attempting to update network interfaces could execute simultaneously. This concurrency issue could lead to an inconsistent state within the SMB client, potentially causing...

8.8CVSS5.8AI score0.00354EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 12:30 p.m.4 views

EUVD-2026-27800

In the Linux kernel, the following vulnerability has been resolved: smb: client: prevent races in -queryinterfaces It was possible for two query interface works to be concurrently trying to update the interfaces. Prevent this by checking and updating ifacelastupdate under ifacelock...

5.7AI score0.00354EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/05/06 11:28 a.m.6 views

CVE-2026-43239

In the Linux kernel, the following vulnerability has been resolved: smb: client: prevent races in -queryinterfaces It was possible for two query interface works to be concurrently trying to update the interfaces. Prevent this by checking and updating ifacelastupdate under ifacelock...

8.8CVSS5.7AI score0.00354EPSS
Exploits0
NVD
NVD
added 2026/05/06 10:16 a.m.12 views

CVE-2026-43112

In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., "/", the current logic attempts to check cursor2 - 1 before cursor2...

8.8CVSS0.00339EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2026/05/06 7:40 a.m.7 views

CVE-2026-43112

In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., "/", the current logic attempts to check cursor2 - 1 before cursor2...

8.8CVSS5.7AI score0.00339EPSS
Exploits0
Rows per page
Query Builder