CLSA-2026-1778604245 samba: Fix of CVE-2022-32742

CVE-2022-32742: fix server memory information leak via SMB1; insufficient range-check on SMB1 write request length allowed server memory contents to leak into the written file or printer instead of client-supplied bytes...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an URB leak in the pvr2sendrequestex function. This vulnerability may lead to the submission of write...

EUVD-2021-8959

Malicious code in bioql PyPI...

CVE-2025-50892

The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to properly validate privileges for I/O requests IRPMJREAD/IRPMJWRITE sent to its device object. This allows a local, low-privileged attacker to perform arbitrary raw disk reads and writes, leading to sensitive...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when processing camera TPG write requests...

PT-2025-28431 · Qualcomm · Snapdragon +10

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: Memory corruption occurs while processing camera TPG write requests. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...

CVE-2021-21787

A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0d8, the first dword passed in the input buffer is the device port to write to and the byte at offset 4 is the value to write via...

CVE-2021-21789

A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0e0, the first dword passed in the input buffer is the device port to write to and the dword at offset 4 is the value to write via...

PT-2025-36291

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the handling of NFS write requests within the Linux kernel. Specifically, the issue occurs when updating an existing write request after nfs lock and join...

CVE-2024-44992

In the Linux kernel, the following vulnerability has been resolved: smb/client: avoid possible NULL dereference in cifsfreesubrequest Clang static checker scan-build warning: cifsglob.h:line 890, column 3 Access to field 'ops' results in a dereference of a null pointer. Commit 519be989717c "cifs:...

Discourse 安全漏洞

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes community, email, and chat room features. A security vulnerability exists in Discourse that stems from the fact that writing requests that submit very long tag group names may reduce the...

RHEL 7 : samba (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - samba: Symlink race error can allow directory creation outside of the exported share CVE-2021-43566 -...

CVE-2023-30839 PrestaShop vulnerable to SQL filter bypass leading to arbitrary write requests using "SQL Manager"

PrestaShop is an Open Source e-commerce web application. Versions prior to 8.0.4 and 1.7.8.9 contain a SQL filtering vulnerability. A BO user can write, update, and delete in the database, even without having specific rights. PrestaShop 8.0.4 and 1.7.8.9 contain a patch for this issue. There are ...

CVE-2023-30839 PrestaShop vulnerable to SQL filter bypass leading to arbitrary write requests using "SQL Manager"

PrestaShop is an Open Source e-commerce web application. Versions prior to 8.0.4 and 1.7.8.9 contain a SQL filtering vulnerability. A BO user can write, update, and delete in the database, even without having specific rights. PrestaShop 8.0.4 and 1.7.8.9 contain a patch for this issue. There are ...

K21571420: Multiple Samba vulnerabilities

Security Advisory Description CVE-2022-2031 A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service share a single account and set of keys, allowing them to decrypt each other's tickets. A user who has been requested to change their password, can exploit this...

SUSE CVE-2011-1750

Multiple heap-based buffer overflows in the virtio-blk driver hw/virtio-blk.c in qemu-kvm 0.14.0 allow local guest users to cause a denial of service guest crash and possibly gain privileges via a 1 write request to the virtioblkhandlewrite function or 2 read request to the virtioblkhandleread...

SUSE CVE-2015-5707

Integer overflow in the sgstartreq function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iovcount value in a write request...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2023-1234)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 9 : samba (ELSA-2022-8317)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-8317 advisory. - resolves: rhbz2108332 - Fix CVE-2022-32742 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

AlmaLinux 9 : samba (ALSA-2022:8317)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:8317 advisory. - A flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing...