Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

smb project smb vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2
CVE-2017-16079
smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.
Smb Project Smb
5
CVSSv2
CVE-2019-1704
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote malicious user to cause a denial of service (DoS) condition. For more information...
Cisco Firepower Threat Defense
3.3
CVSSv2
CVE-2019-1696
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote malicious user to cause a denial of service (DoS) condition. For more information...
Cisco Firepower Management Center 2.9.11Cisco Firepower Management Center 2.9.12Cisco Firepower Management Center 2.9.13Cisco Firepower Management Center 2.9.9Cisco Firepower Management Center 2.9.10Cisco Firepower Management Center 2.9.8Cisco Firepower Threat Defense
6.8
CVSSv2
CVE-2020-24772
In Dreamacro Clash for Windows v0.11.4, an attacker could embed a malicious iframe in a website with a crafted URL that would launch the Clash Windows client and force it to open a remote SMB share. Windows will perform NTLM authentication when opening the SMB share and that requ...
Clash Project Clash 0.11.4
4.3
CVSSv2
CVE-2020-25845
Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential.
Panorama Project Nhiservisignadapter 1.0.20.0218
4.3
CVSSv2
CVE-2020-25846
The digest generation function of NHIServiSignAdapter has not been verified for source file path, which leads to the SMB request being redirected to a malicious host, resulting in the leakage of user's credential.
Panorama Project Nhiservisignadapter 1.0.20.0218
6.5
CVSSv2
CVE-2019-18213
XML Language Server (aka lsp4xml) prior to 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) prior to 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF (as well as SMB connection initiation that can lead to NetNTL...
Xml Language Server Project Xml Server ProjectEclipse Wild Web Developer -Theia Xml Extension Project Theia Xml Extension -
9.3
CVSSv2
CVE-2021-43844
MSEdgeRedirect is a tool to redirect news, search, widgets, weather, and more to a user's default browser. MSEdgeRedirect versions prior to 0.5.0.1 are vulnerable to Remote Code Execution via specifically crafted URLs. This vulnerability requires user interaction and the acc...
Msedgeredirect Project Msedgeredirect
NA
CVE-2022-2780
In affected versions of Octopus Server it is possible to use the Git Connectivity test function on the VCS project to initiate an SMB request resulting in the potential for an NTLM relay attack.
Octopus Octopus Server
6.4
CVSSv2
CVE-2004-0883
Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read fun...
Linux Linux Kernel 2.4.0Linux Linux Kernel 2.4.15Linux Linux Kernel 2.4.16Linux Linux Kernel 2.4.17Linux Linux Kernel 2.4.18Linux Linux Kernel 2.4.11Linux Linux Kernel 2.4.12Linux Linux Kernel 2.4.19Linux Linux Kernel 2.4.20Linux Linux Kernel 2.4.21Linux Linux Kernel 2.4.24Linux Linux Kernel 2.4.24 Ow1Linux Linux Kernel 2.4.27Linux Linux Kernel 2.4.9Linux Linux Kernel 2.6.0Linux Linux Kernel 2.6.3Linux Linux Kernel 2.6.4Linux Linux Kernel 2.6.8Redhat Enterprise Linux 2.1Redhat Linux Advanced Workstation 2.1Linux Linux Kernel 2.4.22Linux Linux Kernel 2.4.23
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injectionCVE-2024-35894SQLCVE-2024-5105CVE-2014-100005CVE-2024-35895unauthorizedCVE-2024-22120CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook