38 matches found
EUVD-2010-2357
Malware in sbrugna...
EUVD-2019-18936
Malware in sbrugna...
EUVD-2015-4866
Malware in sbrugna...
EUVD-2016-6117
Malware in sbrugna...
EUVD-2015-4903
Malware in sbrugna...
EUVD-2022-0662
Malicious code in bioql PyPI...
KB5065510: Windows Server 2008 R2 Security Update (September 2025)
The remote Windows host is missing security update 5065510. It is, therefore, affected by multiple vulnerabilities - SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make t...
KB5065427: Windows 10 Version 1607 / Windows Server 2016 Security Update (September 2025)
The remote Windows host is missing security update 5065427. It is, therefore, affected by multiple vulnerabilities - SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make t...
KB5065426: Windows 11 Version 24H2 / Windows Server 2025 Security Update (September 2025)
The remote Windows host is missing security update 5065426 or hotpatch 5065474. It is, therefore, affected by multiple vulnerabilities - SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform rela...
CVE-2019-9565
Druide Antidote RX, HD, 8 before 8.05.2287, 9 before 9.5.3937 and 10 before 10.1.2147 allows remote attackers to steal NTLM hashes or perform SMB relay attacks upon a direct launch of the product, or upon an indirect launch via an integration such as Chrome, Firefox, Word, Outlook, etc. This occu...
BIT-SOLR-2021-44548 Apache Solr information disclosure vulnerability through DataImportHandler
An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB...
SUSE CVE-2016-5166
The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and condu...
GHSA-PCCR-Q7V9-5F27 Apache Solr Improper Input Validation and Path Traversal
An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB...
CVE-2021-44548
An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB...
CVE-2021-44548
An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB...
Input validation
An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB...
WebExec - (Authenticated) User Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Windows XP systems that are not part of a domain default to treating all network logons as if they were Guest. This prevents SMB relay attacks from gaining administrativ...
Chrome Browser Hack Opens Door to Credential Theft
A vulnerability in Google’s Chrome browser allows hackers to automatically download a malicious file onto a victim’s PC that could be used to steal credentials and launch SMB relay attacks. Bosko Stankovic, information security engineer at DefenseCode, found the flaw in the default configuration ...
EAPHammer - Targeted Evil Twin Attacks Against WPA2-Enterprise Networks [Indirect Wireless Pivots Using Hostile Portal Attacks]
EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, focus is placed on providing an easy-to-use interface that can be leveraged to execute powerful wirele...
Information disclosure
The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover NetNTLM hashes and condu...