SUSE-SU-2026:0903-1 Security update for curl

This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection bsc1259362. - CVE-2026-3783: token leak with redirect and netrc bsc1259363. - CVE-2026-3784: wrong proxy connection reuse with credentials bsc1259364. - CVE-2026-3805: use after free in SMB...

CVE-2025-35058

Newforma Info Exchange NIX '/UserWeb/Common/MarkupServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the customer-configured NIX service account...

CVE-2025-35057 Newforma Info Exchange (NIX) forced NTLMv2 authentication via /RemoteWeb/IntegrationServices.ashx

Newforma Info Exchange NIX '/RemoteWeb/IntegrationServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the NIX service account...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2025-24071 This Python script is designed to demonstrate...

SMB Windows Full Build Number

Gets the full build number of a Windows operating system using PowerShell via SMB. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if descripti...

TeamViewer Unquoted URI Handler SMB Redirect

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TeamViewer Unquoted URI Handler SMB Redirect', 'Description' = %q This module exploits an unquoted parameter call within the Teamviewer URI handl...

Exploit for Improper Input Validation in Microsoft

A Simple PoC in PowerShell for CVE-2023-23397 CVE-2023-23397...

SUSE: Security Advisory (SUSE-SU-2018:3683-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : libreoffice (EulerOS-SA-2020-2551)

According to the versions of the libreoffice packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not valida...

TeamViewer Unquoted URI Handler SMB Redirect

This module exploits an unquoted parameter call within the Teamviewer URI handler to create an SMB connection to an attacker controlled IP. TeamViewer use auxiliary/server/teamviewerurismbredirect msf auxiliaryteamviewerurismbredirect show actions ...actions... msf auxiliaryteamviewerurismbredire...

CVE-2019-18213

XML Language Server aka lsp4xml before 0.9.1, as used in Red Hat XML Language Support aka vscode-xml before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF as well as SMB connection initiation that can lead to NetNTLM challenge/response captu...

openSUSE Security Update : libreoffice (openSUSE-2019-642)

This update for libreoffice to 6.0.5.2 fixes the following issues : Security issues fixed : - CVE-2018-10583: An information disclosure vulnerability occurs during automatic processing and initiating an SMB connection embedded in a malicious file, as demonstrated by...

SUSE SLED12 Security Update : libreoffice (SUSE-SU-2018:2485-2)

This update for libreoffice to 6.0.5.2 fixes the following issues : Security issues fixed : CVE-2018-10583: An information disclosure vulnerability occurs during automatic processing and initiating an SMB connection embedded in a malicious file, as demonstrated by...

Scientific Linux Security Update : libreoffice on SL7.x x86_64 (20181030)

Security Fixes : - libreoffice: Use-after-free in sdstor/stgstrms.cxx:StgSmallStrm class allows for denial of service with crafted document CVE-2018-10119 - libreoffice: Out of bounds write in filter/ww8/ww8toolbar.cxx:SwCTBWrapper class allows for denial of service with crafted document...

openSUSE: Security Advisory for LibreOffice (openSUSE-SU-2018:3796-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Windows Search Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Windows Search handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full...

RHEL 7 : libreoffice (RHSA-2018:3054)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3054 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor...

openSUSE: Security Advisory for libreoffice (openSUSE-SU-2018:2533-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for libreoffice (moderate)

This update for libreoffice to 6.0.5.2 fixes the following issues: Security issues fixed: - CVE-2018-10583: An information disclosure vulnerability occurs during automatic processing and initiating an SMB connection embedded in a malicious file, as demonstrated by...

Security update for libreoffice (moderate)

This update for libreoffice to 6.0.5.2 fixes the following issues: Security issues fixed: - CVE-2018-10583: An information disclosure vulnerability occurs during automatic processing and initiating an SMB connection embedded in a malicious file, as demonstrated by...