Lucene search
K

1784 matches found

Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.7 views

PT-2026-37579

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the SMB client within the query interfaces function. This occurs when two query interface operations concurrently attempt to update the interfaces. The issue i...

8.8CVSS5.4AI score0.00354EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.18 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : curl vulnerabilities (USN-8227-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8227-1 advisory. It was discovered that curl incorrectly reused non-TLS connections when TLS was required in some STARTTLS configurations....

7.5CVSS5.9AI score0.00639EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-31710

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix dir separator in SMB1 UNIX mounts When calling cifsmountgettcon with SMB1 UNIX mounts, @cifssb-mntcifsflags needs to be read or updated only...

5.5CVSS6AI score0.001EPSS
Exploits0References2
OSV
OSV
added 2026/05/04 1:12 p.m.6 views

JLSEC-2026-401

A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocat...

5.9CVSS6.8AI score0.02511EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/05/04 10:8 a.m.9 views

CVE-2026-6867

A flaw was found in Wireshark. A remote attacker could exploit a vulnerability in the SMB2 protocol dissector by sending a specially crafted packet. This could lead to a crash of the Wireshark application, resulting in a denial of service DoS for the user. Mitigation To mitigate this issue, users...

6.5CVSS5.8AI score0.00124EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/05/04 9:32 a.m.8 views

CVE-2026-5407

A flaw was found in Wireshark, a network protocol analyzer. An attacker could exploit this vulnerability by providing a specially crafted network capture file containing malicious SMB2 protocol data. This could trigger an infinite loop in Wireshark's SMB2 analysis component, leading to a denial o...

5.5CVSS5.8AI score0.00138EPSS
Exploits1References5
Microsoft CVE
Microsoft CVE
added 2026/05/02 8:4 a.m.9 views

smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path

...

8.1CVSS5.8AI score0.00307EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/01 8:24 p.m.4 views

CVE-2026-31712

A flaw was found in the ksmbd component of the Linux kernel. An authenticated Server Message Block SMB client with permissions to set an Access Control List ACL on a file can craft a malicious Discretionary Access Control List DACL. This crafted DACL, containing an undersized Access Control Entry...

8.3CVSS5.8AI score0.00315EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/01 8:20 p.m.6 views

CVE-2026-31710

A flaw was found in the Linux kernel's Server Message Block SMB client. When mounting SMB1 UNIX shares, the system may incorrectly handle directory separators. This issue arises because flags related to POSIX Access Control Lists ACLs and paths are not properly updated, leading to the use of an...

5.5CVSS5.8AI score0.001EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/01 8:14 p.m.7 views

CVE-2026-31708

A flaw was found in the Linux kernel's Server Message Block SMB client. A malicious server can exploit an out-of-bounds read vulnerability by manipulating the OutputBufferLength during a QUERYINFO operation. This can lead to the exposure of sensitive kernel memory to userspace, resulting in...

8.1CVSS5.8AI score0.00307EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/01 8:14 p.m.6 views

CVE-2026-31709

A flaw was found in the Linux kernel's Server Message Block SMB client, specifically within the cifsacl functionality. A malicious SMB server could provide a malformed Discretionary Access Control List DACL that claims to contain more Access Control Entries ACEs than are actually present. This...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/01 8:3 p.m.7 views

CVE-2026-31705

A flaw was found in the ksmbd component of the Linux kernel. This out-of-bounds write vulnerability occurs when processing Server Message Block SMB extended attribute EA information. Specifically, the smb2getea function performs an unconditional memory write for alignment padding without checking...

9.8CVSS6.2AI score0.00394EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/01 1:56 p.m.34 views

CVE-2026-31710 smb: client: fix dir separator in SMB1 UNIX mounts

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix dir separator in SMB1 UNIX mounts When calling cifsmountgettcon with SMB1 UNIX mounts, @cifssb-mntcifsflags needs to be read or updated only after calling resetcifsunixcaps, otherwise it might end up with missing...

0.001EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/01 1:56 p.m.9 views

EUVD-2026-26519

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix dir separator in SMB1 UNIX mounts When calling cifsmountgettcon with SMB1 UNIX mounts, @cifssb-mntcifsflags needs to be read or updated only after calling resetcifsunixcaps, otherwise it might end up with missing...

5.7AI score0.001EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/01 1:56 p.m.7 views

CVE-2026-31710

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix dir separator in SMB1 UNIX mounts When calling cifsmountgettcon with SMB1 UNIX mounts, @cifssb-mntcifsflags needs to be read or updated only after calling resetcifsunixcaps, otherwise it might end up with missing...

5.5CVSS5.7AI score0.001EPSS
Exploits0
CVE
CVE
added 2026/05/01 1:56 p.m.39 views

CVE-2026-31709

In the Linux kernel SMB client (cifsacl), CVE-2026-31709 arises from insufficient validation of a server-provided DACL when rewriting security descriptors. The fix extends structural validation to ensure the DACL header, size, and per-ACE bounds are checked before any rewrite paths (replace_sids_...

8.8CVSS5.8AI score0.00259EPSS
Exploits0References19Affected Software1
Debian CVE
Debian CVE
added 2026/05/01 1:56 p.m.5 views

CVE-2026-31708

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB read in smb2ioctlqueryinfo QUERYINFO path smb2ioctlqueryinfo has two response-copy branches: PASSTHRUFSCTL and the default QUERYINFO path. The QUERYINFO branch clamps qi.inputbufferlength to the server-report...

8.1CVSS5.9AI score0.00307EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/01 2:11 a.m.6 views

SUSE CVE-2026-6867

SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.3AI score0.00124EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.9 views

Curl 7.40.0 < 8.20.0 Wrong SMB Connection Reuse

The version of curl installed on the remote host is 7.40.0 prior to 8.20.0. It is, therefore, affected by a wrong SMB connection reuse vulnerability: - libcurl might in some circumstances reuse the wrong connection for SMBS transfers. The code erroneously did not consider the share name as a...

7.5CVSS5.8AI score0.00549EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an unchecked response buffer size in the QUERYINFO path of the smb2ioctlqueryinfo function. This...

8.1CVSS5.9AI score0.00307EPSS
Exploits0References1
Rows per page
Query Builder