1784 matches found
CVE-2026-3805
CVE-2026-3805 describes a heap-use-after-free in curl’s SMB connection reuse. During needle-based connection reuse, curl sets req->path to point inside the connection-owned smbc->share memory. When the needle is freed, smbc->share is freed as well, but req->path on the easy handle rem...
CVE-2026-3805
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...
CURL-CVE-2026-3805 use after free in SMB connection reuse
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...
use after free in SMB connection reuse
When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...
curl -- Multiple vulnerabilties
The curl project reports: use after free in SMB connection reuse wrong proxy connection reuse with credentials token leak with redirect and netrc bad reuse of HTTP Negotiate connection...
curl 安全漏洞
curl is an open-source tool developed by cURL for transferring data from or to a server. Curl has a security vulnerability that stems from the use of data pointers pointing to freed memory during repeated SMB requests, which may lead to memory corruption...
CVE-2026-26128 Windows SMB Server Elevation of Privilege Vulnerability
...
CVE-2026-26128 Windows SMB Server Elevation of Privilege Vulnerability
...
CVE-2026-26128
CVE-2026-26128 concerns an elevation-of-privilege flaw in Windows SMB Server caused by improper authentication. The vulnerability affects Windows SMB Server and is described in connected sources as allowing an authorized local attacker to obtain higher privileges. Evidence from the connected docu...
CVE-2026-24294
CVE-2026-24294 affects Windows SMB Server. The core issue is improper authentication in the SMB component, enabling an authorized local attacker to elevate privileges. The CVE is rated high (CVSS 3.1 base 7.8) with local attack vector, low complexity, and no user interaction required, and the imp...
CVE-2026-24294 Windows SMB Server Elevation of Privilege Vulnerability
...
USN-8059-8: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...
Windows SMB Server Elevation of Privilege Vulnerability
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally...
PT-2026-24288
Name of the Vulnerable Software and Affected Versions Windows Server 2025 Description Improper authentication in the Windows SMB Server allows an authorized attacker to elevate privileges locally. The issue involves an NTLM reflection bypass where the core SMB component skips authentication check...
PT-2026-36050
Name of the Vulnerable Software and Affected Versions Wireshark versions 4.6.0 through 4.6.4 Wireshark versions 4.4.0 through 4.4.14 Description An infinite loop in the SMB2 protocol dissector can lead to a denial of service. Recommendations Update Wireshark versions 4.6.0 through 4.6.4 to a...
curl: Use-After-Free in SMB connection reuse (req->path dangling pointer after needle destruction)
Summary A heap-use-after-free occurs in smbsendopen at lib/smb.c when curl processes two SMB URLs targeting the same host. The function smbparseurlpath sets req-path as a non-owning pointer into smbc-share connection-owned memory. During connection reuse, the needle connection is freed via...
curl: CVE-2026-3805: use after free in SMB connection reuse
Summary A heap-use-after-free occurs in smbsendopen at lib/smb.c when curl processes two SMB URLs targeting the same host. The function smbparseurlpath sets req-path as a non-owning pointer into smbc-share connection-owned memory. During connection reuse, the needle connection is freed via...
USN-8059-7: Linux kernel (AWS FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SMB network file system; CVE-2025-22037, CVE-2025-37899...
curl: LM Challenge-Response Hash Always Sent in SMB Authentication
LM Challenge-Response Hash Always Sent in SMB Authentication Summary The curl SMB client unconditionally computes and sends both the legacy LAN Manager LM and NT challenge-response hashes during SMB session setup. The LM hash is cryptographically broken — it splits the password into two 7-charact...
RHEL 9 : kernel-rt (RHSA-2026:3375)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3375 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...