Lucene search
K

1784 matches found

Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.9 views

PT-2026-36339

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SMB client where the system fails to fully validate the Discretionary Access Control List DACL before rewriting it in cifsacl. The functions build sec desc and id...

8.8CVSS6.1AI score0.00259EPSS
Exploits0References131
Tenable Nessus
Tenable Nessus
added 2026/05/01 12:0 a.m.9 views

Curl 7.40.0 < 8.20.0 Wrong SMB Connection Reuse

The version of curl installed on the remote host is 7.40.0 prior to 8.20.0. It is, therefore, affected by a wrong SMB connection reuse vulnerability: - libcurl might in some circumstances reuse the wrong connection for SMBS transfers. The code erroneously did not consider the share name as a...

7.5CVSS5.8AI score0.00549EPSS
Exploits1References2
CVE
CVE
added 2026/04/30 11:47 a.m.14 views

CVE-2026-31693

CVE-2026-31693 affects the Linux kernel CIFS implementation. The issue arises when replaying a request: certain local variables were not reinitialized after a replay label, which can cause unpredictable behavior and potentially denial of service or instability. The vulnerability is limited to the...

7.8CVSS5.6AI score0.00129EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/04/30 7:16 a.m.8 views

CVE-2026-6867

SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS0.00124EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/30 5:39 a.m.8 views

EUVD-2026-26320

SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00138EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/30 5:39 a.m.7 views

CVE-2026-5407 Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark

SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00138EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/04/30 5:33 a.m.5 views

CVE-2026-6867

SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.3AI score0.00124EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2026/04/30 5:33 a.m.3 views

CVE-2026-6867

SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.8AI score0.00124EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/30 5:33 a.m.4 views

EUVD-2026-26346

SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00124EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/30 5:33 a.m.3 views

CVE-2026-6867

SMB2 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00124EPSS
Exploits1References3Affected Software1
GithubExploit
GithubExploit
added 2026/04/30 4:31 a.m.132 views

Exploit for Improper Authentication in Microsoft

CVE-2026-24294 - Local NTLM Reflection LPE via SMB Arbitrary P...

7.8CVSS5.6AI score0.02732EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.4 views

PT-2026-36076

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 Description A crash in the SMB2 protocol dissector allows for a denial of service. A dissector is a software component that breaks down network packets into a...

8.8CVSS5.8AI score0.0039EPSS
Exploits43References51
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.8 views

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

5.5CVSS5.8AI score0.00124EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.10 views

Wireshark 安全漏洞

Wireshark is a set of network packet analysis tools developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

5.5CVSS5.8AI score0.00138EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2026/04/29 2:0 p.m.3 views

CVE-2026-5773

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

7.5CVSS5.8AI score0.00549EPSS
Exploits1References3
curl security advisories
curl security advisories
added 2026/04/29 8:0 a.m.7 views

wrong reuse of SMB connection

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

7.5CVSS5.2AI score0.00549EPSS
Exploits1References1Affected Software2
OSV
OSV
added 2026/04/29 8:0 a.m.11 views

CURL-CVE-2026-5773 wrong reuse of SMB connection

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

7.5CVSS5.4AI score0.00549EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/04/27 12:25 p.m.5 views

CVE-2026-31538

A flaw was found in the Linux kernel's Server Message Block SMB direct server. A race condition exists in the logic responsible for managing receive credits. This occurs because the system's method of counting posted receive input/output recvio and granted credits is susceptible to timing issues...

7.5CVSS5.4AI score0.00426EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/04/26 8:6 a.m.3 views

smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush()

...

9.8CVSS5.2AI score0.00457EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/04/26 8:5 a.m.7 views

smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()

...

9.8CVSS5.2AI score0.00457EPSS
Exploits0
Rows per page
Query Builder