Lucene search
K

33 matches found

CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.9 views

CVE-2026-40355 affecting package krb5 for versions less than 1.21.3-4

CVE-2026-40355 affecting package krb5 for versions less than 1.21.3-4. A patched version of the package is available...

7.5CVSS5.4AI score0.00501EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.7 views

CVE-2026-40356 affecting package krb5 for versions less than 1.21.3-4

CVE-2026-40356 affecting package krb5 for versions less than 1.21.3-4. A patched version of the package is available...

7.5CVSS5.4AI score0.00501EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/02/09 11:37 p.m.5 views

CVE-2025-24528 affecting package krb5 for versions less than 1.21.3-3

CVE-2025-24528 affecting package krb5 for versions less than 1.21.3-3. A patched version of the package is available...

7.1CVSS5.5AI score0.00606EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: krb5 (UTSA-2025-986178)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986178 advisory. In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length...

9.1CVSS7.2AI score0.01863EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/26 3:30 a.m.46 views

CVE-2025-54414 Anubis accepts crafted redirect URLs in pass-challenge 'Try Again' buttons

Anubis is a Web AI Firewall Utility that weighs the soul of users' connections using one or more challenges in order to protect upstream resources from scraper bots. In versions 1.21.2 and below, attackers can craft malicious pass-challenge pages that cause a user to execute arbitrary JavaScript...

5.1CVSS0.0048EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/24 12:0 a.m.6 views

Komga 安全漏洞

Komga is a media server for comics, magazines, and eBooks by Gauthier Personal Developers. A security vulnerability exists in Komga versions 1.8.0 through 1.21.3, which stems from the presence of cross-site scripting in the EPUB resource that could lead to execution of operations as a victim...

4.2CVSS6AI score0.00278EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.20 views

EulerOS 2.0 SP12 : krb5 (EulerOS-SA-2024-2506)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens wit...

9.1CVSS7.3AI score0.01863EPSS
Exploits0References3
NVD
NVD
added 2024/09/05 6:15 p.m.25 views

CVE-2024-45401

stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flags...

7.5CVSS0.00195EPSS
Exploits0References1
OSV
OSV
added 2024/09/05 5:9 p.m.11 views

CVE-2024-45401 stripe-cli Path Traversal vulnerability

stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flags...

7.5CVSS6.8AI score0.00195EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/09/05 5:9 p.m.22 views

CVE-2024-45401 stripe-cli Path Traversal vulnerability

stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flags...

7.5CVSS7AI score0.00195EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/05 5:9 p.m.26 views

CVE-2024-45401 stripe-cli Path Traversal vulnerability

stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flags...

7.5CVSS0.00195EPSS
Exploits0References1
CVE
CVE
added 2024/09/05 5:9 p.m.55 views

CVE-2024-45401

Summary: CVE-2024-45401 affects stripe-cli. In versions 1.11.1 up to, but not including, 1.21.3, a plugin package with a manifest containing a malformed plugin shortname installed via --archive-url or --archive-path could overwrite arbitrary files (path traversal). Impact: local file overwrite vi...

7.5CVSS7.3AI score0.00195EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/05 12:0 a.m.5 views

PT-2024-31605 · Stripe · Stripe Cli

Name of the Vulnerable Software and Affected Versions: stripe-cli versions 1.11.1 through 1.21.2 Description: A path traversal vulnerability exists in stripe-cli where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flag...

7.5CVSS7.3AI score0.00195EPSS
Exploits0References14
CBLMariner
CBLMariner
added 2024/08/14 8:43 p.m.19 views

CVE-2024-26461 affecting package krb5 for versions less than 1.21.3-1

CVE-2024-26461 affecting package krb5 for versions less than 1.21.3-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS6.9AI score0.01128EPSS
Exploits1
CBLMariner
CBLMariner
added 2024/08/14 8:43 p.m.24 views

CVE-2024-37371 affecting package krb5 for versions less than 1.21.3-1

CVE-2024-37371 affecting package krb5 for versions less than 1.21.3-1. An upgraded version of the package is available that resolves this issue...

9.1CVSS6.9AI score0.01863EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/08/05 7:0 a.m.5 views

In MIT Kerberos 5 (aka krb5) before 1.21.3 an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token causing the unwrapped token to appear truncated to the application.

...

7.5CVSS8.9AI score0.00748EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/08/05 3:22 a.m.19 views

CVE-2024-26461 affecting package krb5 for versions less than 1.19.4-3

CVE-2024-26461 affecting package krb5 for versions less than 1.19.4-3. A patched version of the package is available...

7.5CVSS7.8AI score0.01128EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/07/13 9:0 p.m.7 views

@a-type/ui (>=0.8.17 <=1.2.3), @adminjs/design-system (>=3.0.0 <=3.1.1) +369 more potentially affected by unknown CVE via prosemirror-model (>=1.0.1 <=1.21.3)

prosemirror-model NPM version =1.0.1, =0.8.17, =3.0.0, =0.1.0, =0.0.1, =13.1.0, =10.4.0, =0.0.2, =3.0.0, =16.0.0, =0.0.1, =7.0.0, =47.0.0, =8.0.0, =126.0.0, =194.4.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-PROSEMIRRORMODEL-7838221...

5.7AI score
Exploits0
SUSE CVE
SUSE CVE
added 2024/06/28 11:17 p.m.3 views

SUSE CVE-2024-37371

In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...

6.5CVSS7.6AI score0.01863EPSS
Exploits0References16
OSV
OSV
added 2024/06/28 11:15 p.m.4 views

AZL-42996 CVE-2024-37371 affecting package krb5 for versions less than 1.21.3-1

In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...

9.1CVSS7.2AI score0.01863EPSS
Exploits0References1
Rows per page
Query Builder