Lucene search
K

3735 matches found

Cvelist
Cvelist
added 2025/11/19 8:33 p.m.53 views

CVE-2025-58181 Unbounded memory consumption in golang.org/x/crypto/ssh

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption...

0.00533EPSS
Exploits0References4
OSV
OSV
added 2025/11/19 8:33 p.m.6 views

CVE-2025-58181 Unbounded memory consumption in golang.org/x/crypto/ssh

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption...

5.3CVSS6.7AI score0.00533EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/11/19 8:33 p.m.3 views

CVE-2025-58181 Unbounded memory consumption in golang.org/x/crypto/ssh

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption...

6.5AI score0.00533EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2025/11/19 8:33 p.m.3 views

CVE-2025-58181

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption...

5.3CVSS5.5AI score0.00533EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/11/19 12:0 a.m.11 views

PT-2025-47532

Name of the Vulnerable Software and Affected Versions SSH servers affected versions not specified Description SSH servers that process GSSAPI authentication requests are susceptible to an issue where the number of mechanisms included in the request is not validated. This can lead to excessive...

9.8CVSS6.6AI score0.00533EPSS
Exploits0
OSV
OSV
added 2025/09/05 12:42 p.m.6 views

OESA-2025-2125 krb5 security update

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Security Fixes: A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due ...

5.9CVSS7AI score0.00308EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/09/02 3:57 a.m.6 views

krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...

5.9CVSS7.1AI score0.00308EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-45142

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding != 0 comparisons to the result of memcmp...

7.5CVSS6.7AI score0.0369EPSS
Exploits0References2
OSV
OSV
added 2025/08/13 7:33 p.m.9 views

CLSA-2025-1755113592 Fix CVE(s): CVE-2025-3576

SECURITY UPDATE: prevent spoofing vulnerability in GSSAPI-protected messages using RC4-HMAC-MD5 due to weaknesses in MD5 checksum design - debian/patches/CVE-2025-3576: don't issue session keys with deprecated enctypes. Updates tests. - CVE-2025-3576...

5.9CVSS7.1AI score0.00308EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/06/24 12:42 a.m.4 views

krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...

5.9CVSS7.1AI score0.00308EPSS
Exploits0References5
OSV
OSV
added 2025/06/19 10:33 a.m.5 views

USN-7582-1 samba vulnerabilities

Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. CVE-2022-3437 Greg Hudson discovered that Samba incorrectly handled PAC parsing. On...

9.8CVSS7AI score0.62015EPSS
Exploits1References5
Microsoft CVE
Microsoft CVE
added 2025/03/14 7:0 a.m.3 views

GSS-NTLMSSP vulnerable to memory corruption when decoding UTF16 strings

...

8.2CVSS7.5AI score0.01942EPSS
Exploits0
OSV
OSV
added 2024/11/14 1:15 p.m.7 views

AZL-53195 CVE-2024-10977 affecting package postgresql for versions less than 14.14-1

Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistake...

3.7CVSS7.3AI score0.0038EPSS
Exploits0References1
OSV
OSV
added 2024/11/14 1:15 p.m.4 views

UBUNTU-CVE-2024-10977

Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistake...

3.7CVSS6.8AI score0.0038EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/03 4:51 p.m.6 views

krb5: GSS message token handling

A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application, occurs when the attacker alters the token data during transmission which can lead to improper...

9.1CVSS7.2AI score0.01863EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/08/07 10:22 a.m.5 views

krb5: GSS message token handling

A vulnerability was found in the MIT Kerberos 5 GSS krb5 wrap token, where an attacker can modify the plaintext Extra Count field, causing the unwrapped token to appear truncated to the application, occurs when the attacker alters the token data during transmission which can lead to improper...

7.5CVSS7.2AI score0.00748EPSS
Exploits0References5
OSV
OSV
added 2023/03/06 11:15 p.m.6 views

AZL-25604 CVE-2022-45142 affecting package heimdal for versions less than 7.7.1-2

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and possibly other branches a logic inversion sneaked...

7.5CVSS6.8AI score0.00491EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:14 a.m.3 views

SUSE CVE-2006-5051

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service crash, and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free...

9.3CVSS7.5AI score0.44963EPSS
Exploits7References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:52 a.m.5 views

SUSE CVE-2011-2192

The Curlinputnegotiate function in httpnegotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests...

4.3CVSS7.1AI score0.02994EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:34 a.m.8 views

SUSE CVE-2013-5803

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS...

2.6CVSS6.4AI score0.03864EPSS
Exploits0References11
Rows per page
Query Builder