Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server message block vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-26496
In nbd-server in nbd prior to 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a crafted NBD_OPT_INFO or NBD_OPT_GO message with an large value as the length of the name.
Network Block Device Project Network Block Device
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2005-1206
Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote malicious users to execute arbitrary code via unknown vectors, aka the "Server Message Block Vulnerability."
Microsoft Windows 2003 Server Sp1
Microsoft Windows Xp
Microsoft Windows 2000
Microsoft Windows 2003 Server R2
5.8
CVSSv3
CVE-2018-0244
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote malicious user to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnerability is due to ho...
Cisco Firepower Threat Defense
5.8
CVSSv3
CVE-2018-0243
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote malicious user to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malw...
Cisco Firepower Threat Defense
5.8
CVSSv3
CVE-2017-12300
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote malicious user to bypass a file policy that is configured to block the Server Message Block Version 2 (SMB2) protocol. The vulnerability is due to the incorrect...
Cisco Firepower Management Center 2.9.10
Cisco Firepower Management Center 2.9.11
Cisco Firepower Management Center 2.9.9
Cisco Firepower Management Center 2.9.12
8.8
CVSSv3
CVE-2020-1301
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'.
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows 10 1903
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2016 1909
Microsoft Windows Server 2016 2004
Microsoft Windows Server 2019 -
1 Github repository
2 Articles
NA
CVE-2005-0045
The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote malicious users to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the...
Microsoft Windows 2000
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
Microsoft Windows Nt 4.0
Microsoft Windows Xp
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server R2
1 EDB exploit
NA
CVE-2015-2474
Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote authenticated users to execute arbitrary code via a crafted string in a Server Message Block (SMB) server error-logging action, aka "Server Message Block Memory Corruption Vulnerability."
Microsoft Windows Vista -
Microsoft Windows Server 2008
8.8
CVSSv3
CVE-2019-0633
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0630.
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Server 2016 1709
Microsoft Windows Server 2016 -
Microsoft Windows Rt 8.1 -
Microsoft Windows 7 -
Microsoft Windows 10 1607
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1803
Microsoft Windows 8.1 -
Microsoft Windows 10 -
Microsoft Windows 10 1809
Microsoft Windows 10 1803
Microsoft Windows 10 1709
Microsoft Windows 10 1703
1 Article
8.8
CVSSv3
CVE-2019-0630
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0633.
Microsoft Windows Server 2016 1709
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 R2
Microsoft Windows 10 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows 10 1709
Microsoft Windows 10 1607
Microsoft Windows Server 2019 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 1803
Microsoft Windows 10 1703
Microsoft Windows Rt 8.1 -
Microsoft Windows 8.1 -
Microsoft Windows 7 -
Microsoft Windows 10 1809
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »