151 matches found
KLA91036 Multiple vulnerabilities in Microsoft Dynamics
Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerabilit...
MiracleLinux 7 : krb5-1.15.1-55.el7 (AXSA:2022-4203:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4203:03 advisory. krb5: integer overflow vulnerabilities in PAC parsing CVE-2022-42898 Tenable has extracted the preceding description block directly from the MiracleLinux...
Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-42898)
PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution in KDC, kadmind, or a GSS or Kerberos application server on 32-bit platforms which have a resultant heap-based buffer overflow, and cause a denial of service ...
CLSA-2025-1762337525 Fix CVE(s): CVE-2022-42898
SECURITY UPDATE: integer overflow in PAC parsing - debian/patches/CVE-2022-42898.patch: catch overflows that result from adding PACINFOBUFFERSIZE - CVE-2022-42898...
Ubuntu: Security Advisory (USN-7582-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-42898
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing an image may lead to arbitrary code execution...
Alibaba Cloud Linux 3 : 0186: krb5 (ALINUX3-SA-2022:0186)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0186 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-42898: RESERVED This candidate has been...
Linux Distros Unpatched Vulnerability : CVE-2022-42898
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution in KDC, kadmind, or a...
Azure Linux 3.0 Security Update: heimdal / krb5 / samba (CVE-2022-42898)
The version of heimdal / krb5 / samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-42898 advisory. - PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer...
CVE-2022-42898 affecting package samba 4.12.5-7
CVE-2022-42898 affecting package samba 4.12.5-7. No patch is available currently...
Nagios XI <= 2024R1.1.4 XSS Vulnerability
Nagios XI is prone to a cross-site scripting XSS vulnerability. Note: This VT is a duplicate of SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2024-42898
A cross-site scripting XSS vulnerability in Nagios XI 2024R1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Account Settings page...
CVE-2024-42898
creationtimestamp| type| source ---|---|--- 2025-01-09 20:14:42+00:00| seen| https://infosec.exchange/users/cve/statuses/113800228541689341 2025-01-09 20:17:11+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdiovuzbv2i 2025-01-09 21:57:26+00:00| seen|...
CVE-2024-42898
A cross-site scripting XSS vulnerability in Nagios XI 2024R1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Account Settings page...
CVE-2024-42898
A cross-site scripting XSS vulnerability in Nagios XI 2024R1.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Account Settings page...
Fedora 37 : krb5 (2022-a1747aca80)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-a1747aca80 advisory. Security fix for CVE-2022-42898 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
CVE-2022-42898 affecting package samba for versions less than 4.18.3-1
CVE-2022-42898 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2024-2294)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle MySQL Cluster 8.0.x < 8.0.35 (Oct 2023 / Jul 2024 CPU)
The versions of MySQL Cluster installed on the remote host are affected by a vulnerability as referenced in the October 2023 / July 2024 CPU advisory. - Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General Kerberos. Supported versions that are affected are 8.0.34...
Advisory ROSA-SA-2024-2419
software: heimdal 7.8.0 WASP: ROSA-CHROME packageevrstring: heimdal-7.8.0-1 CVE-ID: CVE-2021-44758 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: heimdal allowed attackers to cause null pointer dereferencing in the SPNEGO receiver via the preferredmechtype GSSCNOOID and a non-zero initialresponse value f...