67 matches found
CVE-2026-28196
In JetBrains TeamCity before 2025.11.3 disabling versioned settings left a credentials config on disk...
CVE-2024-28196
creationtimestamp | type | source
---|---|---
2024-03-13 19:32:17+00:00 | seen | https://t.me/ctinow/207057
2024-03-13 19:32:23+00:00 | seen | https://t.me/ctinow/207062
...
CVE-2024-28196
CVE-2024-28196 affects YourSpotify (self-hosted Spotify tracking dashboard). The issue arises in versions
CVE-2024-28196 Clickjacking in your_spotify
yourspotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version 1.9.0 does not prevent other pages from displaying it in an iframe and is thus vulnerable to clickjacking. Clickjacking can be used to trick an existing user of YourSpotify to trigger actions, such as...
Amazon Linux 2 : krb5 (ALAS-2022-1845)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1845 advisory. A flaw was found in krb5. MIT Kerberos 5 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...
RHEL 8 : Red Hat Virtualization Host security update [ovirt-4.4.6] (Moderate) (RHSA-2021:2239)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2239 advisory. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host,...
NewStart CGSL MAIN 6.02 : krb5 Vulnerability (NS-SA-2022-0057)
The remote NewStart CGSL host, running version MAIN 6.02, has krb5 packages installed that are affected by a vulnerability: - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c...
CVE-2022-28196
creationtimestamp | type | source
---|---|---
2022-04-27 22:13:23+00:00 | seen | https://t.me/cibsecurity/41530
...
CVE-2022-28196
CVE-2022-28196 affects NVIDIA Jetson Linux Driver Package, specifically the Cboot blob_decompress function. The vulnerability arises from insufficient validation of untrusted data, enabling a local, privileged attacker to trigger a memory buffer overflow and potentially achieve code execution, wi...
AlmaLinux 8 : krb5 (ALSA-2021:1593)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1593 advisory. - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the...
Security Bulletin: Vulnerability in MIT Kerberos 5 (CVE-2020-28196) affects HMC
Summary MIT Kerberos 5 krb5 is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-28196 DESCRIPTION: MIT Kerberos 5 aka krb5 is vulnerable to a denial of service, caused by an unbounded recursion flaw in...
CVE-2020-28196 affecting package krb5 1.17-4
CVE-2020-28196 affecting package krb5 1.17-4. An upgraded version of the package is available that resolves this issue...
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-2141)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 3.0.2.2 : krb5 (EulerOS-SA-2021-2141)
According to the version of the krb5 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because...
Oracle Linux 7 : krb5 (ELSA-2021-9294)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9294 advisory. 1.15.1-50.0.1 - Add recursion limit for ASN.1 indefinite lengths Orabug: 32582360 Tenable has extracted the preceding description block directly from the Oracle...
SUSE: Security Advisory (SUSE-SU-2020:3377-1)
The remote host is missing an update for the...
Oracle Linux 8 : krb5 (ELSA-2021-1593)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1593 advisory. - Add recursion limit for ASN.1 indefinite lengths CVE-2020-28196 Tenable has extracted the preceding description block directly from the Oracle Linux security...
krb5 security update
1.18.2-8 - Add recursion limit for ASN.1 indefinite lengths CVE-2020-28196 - Resolves: 1906492 1.18.2-7 - Document -k option in kvno1 synopsis - Resolves: 1869055 1.18.2-6 - Enable MD5 override for FIPS RADIUS - Resolves: 1872689 1.18.2-5.2 - Unify kvno option documentation - Resolves: 1869055...
CentOS 8 : krb5 (CESA-2021:1593)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1593 advisory. - krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1encode.c may lead to DoS CVE-2020-28196 Note that Nessus has not tested...