Lucene search
K

1711 matches found

EUVD
EUVD
added 2026/05/15 5:15 a.m.11 views

EUVD-2026-30503

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...

6AI score0.00408EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/15 5:15 a.m.21 views

CVE-2026-43490

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed SID header before using it, but does not verify that...

8.8CVSS6AI score0.00408EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/05/15 5:15 a.m.42 views

CVE-2026-43490

The CVE-2026-43490 entry concerns the Linux kernel ksmbd SMB server. The flaw arises in smb_inherit_dacl() where the code validates a fixed SID header but not the variable-length SID described by sid.num_subauth, allowing a malformed inheritable ACE to advertise more subauthorities than present. ...

8.8CVSS6AI score0.00408EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.47 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There are security vulnerabilities in the Linux kernel. These vulnerabilities stem from the fact that ksmbd does not verify the SID length of inherited ACEs in the...

8.8CVSS6AI score0.00408EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: validate inherited ACE SID length smbinheritdacl walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE...

8.8CVSS7.3AI score0.00408EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/13 3:43 p.m.14 views

CVE-2026-8449

No description is available for this CVE...

5.8AI score0.00179EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/05/13 3:35 a.m.11 views

SUSE CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

7.6CVSS5.8AI score0.00224EPSS
Exploits0References4
OSV
OSV
added 2026/05/12 10:16 p.m.9 views

UBUNTU-CVE-2026-8449

Rejected reason: This CVE ID has been rejected or withdrawn...

8.8CVSS5.7AI score0.00179EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/08 3:31 p.m.11 views

EUVD-2026-28634

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

5.8AI score0.00224EPSS
Exploits0References6
NVD
NVD
added 2026/05/08 2:16 p.m.11 views

CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

7.6CVSS0.00224EPSS
Exploits0References8
OSV
OSV
added 2026/05/08 2:16 p.m.14 views

UBUNTU-CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

7.6CVSS5.7AI score0.00224EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/05/08 1:41 p.m.9 views

CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

7.6CVSS5.7AI score0.00224EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/08 1:41 p.m.17 views

CVE-2026-43350

In the Linux kernel, a vulnerability in the SMB client path can allow a malicious server to exploit an ACE with sid_unix_NFS_mode by providing an ACE with only two subauthorities. parse_dacl() would treat this as an NFS mode SID and read sub_auth[2], potentially reading four bytes past the end of...

7.6CVSS5.8AI score0.00224EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43350

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 ...

7.6CVSS6AI score0.00224EPSS
Exploits0References3
NVD
NVD
added 2026/05/04 8:16 a.m.38 views

CVE-2026-7741

A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the argument sid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be us...

6.5CVSS0.00192EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/04 6:45 a.m.53 views

CVE-2026-7741 CodeAstro Online Classroom studentlogin sql injection

A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the argument sid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be us...

6.5CVSS0.00192EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/04 6:45 a.m.21 views

EUVD-2026-26927

A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the argument sid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be us...

6.5CVSS5.7AI score0.00192EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/04 6:45 a.m.7 views

CVE-2026-7741

A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the argument sid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be us...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.17 views

PT-2026-36784

A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the argument sid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be us...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/01 1:56 p.m.4 views

CVE-2026-31712

In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smbcheckpermdacl Both ACE-walk loops in smbcheckpermdacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...

8.3CVSS5.7AI score0.00315EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder