Lucene search
+L

76 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : krb5-1.18.2-29.el8_10 (AXSA:2024-8657:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8657:03 advisory. krb5: GSS message token handling CVE-2024-37371 krb5: GSS message token handling CVE-2024-37370 Tenable has extracted the preceding description bloc...

9.1CVSS7.4AI score0.01863EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 2: krb5 (TSSA-2024:0381)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0381 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

9.1CVSS7.4AI score0.01863EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 4: krb5 (TSSA-2024:0438)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0438 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.1CVSS7.4AI score0.01863EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/06/09 12:0 a.m.7 views

NewStart CGSL MAIN 7.02 : krb5 Multiple Vulnerabilities (NS-SA-2025-0081)

The remote NewStart CGSL host, running version MAIN 7.02, has krb5 packages installed that are affected by multiple vulnerabilities: - In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid leng...

9.1CVSS7.3AI score0.01863EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.5 views

Fedora: Security Advisory (FEDORA-2024-36514cd080)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.5AI score0.01863EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/05/19 12:0 a.m.12 views

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2025-1446)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.5AI score0.01863EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/05/19 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2025-1475)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS7.5AI score0.01863EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2025/04/11 9:49 p.m.13 views

Advisory ROSA-SA-2025-2806

Software: krb5 1.18.2 OS: ROSA Virtualization 3.0 packageevrstring: krb5-1.18.2-31.0.1.rv30 CVE-ID: CVE-2024-37370 BDU-ID: 2024-07016 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the implementation of the Kerberos network authentication protocol is associated with a change to the public Extra Cou...

9.1CVSS7.8AI score0.14859EPSS
Exploits2
Circl
Circl
added 2025/03/13 8:43 p.m.9 views

CVE-2024-37371

creationtimestamp| type| source ---|---|--- 2025-03-13 20:43:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7504 2025-06-12 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05...

9.1CVSS7.3AI score0.01863EPSS
Exploits0References2
OSV
OSV
added 2025/02/19 12:0 a.m.34 views

ALSA-2025:1671 Important: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date pars...

9.1CVSS9.9AI score0.17301EPSS
Exploits3References100
Tenable Nessus
Tenable Nessus
added 2025/02/19 12:0 a.m.19 views

RHEL 9 : mysql (RHSA-2025:1671)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:1671 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

9.1CVSS7.7AI score0.17301EPSS
Exploits3References102
AlmaLinux
AlmaLinux
added 2025/02/19 12:0 a.m.48 views

Important: mysql:8.0 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: openssl: SSLselectnextproto buffer overread CVE-2024-5535 krb5: GSS message token handling CVE-2024-37371 curl: libcurl: ASN.1 date pars...

9.1CVSS6.4AI score0.17301EPSS
Exploits3References100
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.4 views

Azure Linux 3.0 Security Update: krb5 (CVE-2024-37371)

The version of krb5 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-37371 advisory. - In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token...

9.1CVSS7.2AI score0.01863EPSS
Exploits0References2
OSV
OSV
added 2025/02/03 8:56 a.m.6 views

SUSE-SU-2025:20051-1 Security update for krb5

This update for krb5 fixes the following issues: - CVE-2024-37370: Confidential GSS krb5 wrap tokens with invalid plaintext Extra Count fields were erroneously accepted during unwrap bsc1227186 - CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields...

9.1CVSS6.8AI score0.01863EPSS
Exploits3References11
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.17 views

Security Bulletin: Vulnerability in MIT Kerberos krb5 (CVE-2024-37371) affects Power HMC.

Summary The MIT Kerberos krb5 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-37371 DESCRIPTION: MIT Kerberos 5 aka krb5 is vulnerable to a denial of service, caused by an invalid memory reads during GSS message...

9.1CVSS6.6AI score0.01863EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/01/22 12:0 a.m.21 views

Oracle MySQL Server 8.0 - 8.0.39, 8.4 - 8.4.2, 9.0 - 9.0.1 Security Update (cpujan2025) - Linux

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

9.1CVSS7.4AI score0.01863EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/01/21 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2025-1124)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.6AI score0.01863EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/04 10:17 p.m.22 views

Security Bulletin: PowerSC is vulnerable to information disclosure, denial of service, and security restrictions bypass due to Curl

Summary Vulnerabilities in Curl could allow a local attacker to obtain sensitive information CVE-2024-7264 or a remote attacker to cause a denial of service CVE-2024-6197, CVE-2024-37371 or bypass security restrictions CVE-2024-37370. PowerSC uses Curl as part of PowerSC Trusted Network Connect...

9.1CVSS7.5AI score0.17301EPSS
Exploits2Affected Software1
Oracle linux
Oracle linux
added 2024/11/14 12:0 a.m.262 views

krb5 security update

1.21.1-3.0.1 - Fixed race condition in krb5setpassword Orabug: 33609767 1.21.1-3 - CVE-2024-37370 CVE-2024-37371 Fix vulnerabilities in GSS message token handling Resolves: RHEL-45402 RHEL-45392...

7.5CVSS7.2AI score0.01863EPSS
Exploits3
OpenVAS
OpenVAS
added 2024/10/28 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2024-2770)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS9.6AI score0.01863EPSS
Exploits0References2
Rows per page
Query Builder