Lucene search
K

1784 matches found

OSV
OSV
added 2026/03/25 6:10 p.m.1 views

SUSE-SU-2026:20946-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40214: afunix: Initialise sccindex in...

7.8CVSS6.5AI score0.00278EPSS
Exploits0References19
RedhatCVE
RedhatCVE
added 2026/03/25 3:22 p.m.5 views

CVE-2026-23303

A flaw was found in the Linux kernel's Server Message Block SMB client. When debug logging is enabled, the cifssetcifscreds function logs plaintext credentials, including usernames and passwords. This information disclosure vulnerability allows a local attacker with access to the debug logs to...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/25 1:40 p.m.5 views

CVE-2026-23282

A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability occurs when the SMB client fails to properly initialize variables during certain connection operations, such as reconnecting. An uninitialized variable can then be used, leading to a kernel panic and causin...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
NVD
NVD
added 2026/03/25 11:16 a.m.3 views

CVE-2026-23282

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...

5.5CVSS0.00121EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.6 views

CVE-2026-23282

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.7 views

CVE-2026-23303

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/03/25 10:26 a.m.3 views

CVE-2026-23303

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

5.5CVSS5.2AI score0.00123EPSS
Exploits0
OSV
OSV
added 2026/03/25 10:26 a.m.4 views

CVE-2026-23303 smb: client: Don't log plaintext credentials in cifs_set_cifscreds

In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifssetcifscreds When debug logging is enabled, cifssetcifscreds logs the key payload and exposes the plaintext username and password. Remove the debug log to avoid exposing...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/03/25 10:26 a.m.18 views

CVE-2026-23282 smb: client: fix oops due to uninitialised var in smb2_unlink()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...

0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/03/25 10:26 a.m.10 views

CVE-2026-23282 smb: client: fix oops due to uninitialised var in smb2_unlink()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
NVD
NVD
added 2026/03/25 1:17 a.m.3 views

CVE-2026-28835

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. Mounting a maliciously crafted SMB network share may lead to system termination...

6.5CVSS0.0045EPSS
Exploits0References3
CVE
CVE
added 2026/03/25 12:32 a.m.18 views

CVE-2026-28835

Summary: CVE-2026-28835 is a use-after-free vulnerability related to SMB network share mounting on macOS. Root cause: memory management issue (use-after-free) addressed in updates. Impact (as stated): mounting a maliciously crafted SMB network share may terminate the system. Affected/affected con...

6.5CVSS5.8AI score0.0045EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/24 4:49 p.m.2 views

SUSE-SU-2026:20863-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS6.5AI score0.00278EPSS
Exploits0References17
OSV
OSV
added 2026/03/24 4:49 p.m.2 views

SUSE-SU-2026:20885-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS6.5AI score0.00278EPSS
Exploits0References17
OSV
OSV
added 2026/03/24 4:48 p.m.2 views

SUSE-SU-2026:20854-1 Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS5.9AI score0.00278EPSS
Exploits0References17
OSV
OSV
added 2026/03/24 4:48 p.m.3 views

SUSE-SU-2026:20851-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

7.8CVSS6.5AI score0.00278EPSS
Exploits0References13
OSV
OSV
added 2026/03/24 4:48 p.m.2 views

SUSE-SU-2026:20847-1 Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-25.1 fixes various security issues The following security issues were fixed: - CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer bsc1257118. - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to...

7.8CVSS7.2AI score0.00278EPSS
Exploits0References17
GithubExploit
GithubExploit
added 2026/03/23 4:35 p.m.167 views

TGT2Admin-

🎭 RBCDExploit - Resource-Based Constrained Delegation Attack...

6AI score
Exploits0
Redos
Redos
added 2026/03/23 12:0 a.m.8 views

ROS-20260323-73-0031

A vulnerability in the ksmbdsmb2checkmessage function of the fs/smb/server/smb2misc.c module of the Linux kernel SMB server support is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS5.8AI score0.00135EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2026/03/22 10:49 p.m.4 views

Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7 RT)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.8 fixes various security issues The following security issues were fixed: CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. CVE-2025-40258: mptcp: fix race condition in...

8.7CVSS5.8AI score0.00278EPSS
Exploits0References32
Rows per page
Query Builder