Lucene search
+L

211 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.17 views

Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2026-1755)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1755 advisory. Fix GSS-API resource leak CVE-2026-3039 Limit resolver server list size CVE-2026-3592 An unauthenticated remote attacker can crash any affected named instance with a single crafted DNS message...

7.5CVSS5.9AI score0.0181EPSS
Exploits1References10
Ubuntu
Ubuntu
added 2026/05/21 7:11 p.m.15 views

USN-8293-1: Bind vulnerabilities

Vitaly Simonovich discovered that Bind could exhaust memory during GSS-API TKEY negotiation. A remote attacker could possibly use this issue to cause Bind to use excessive resources, leading to a denial of service. CVE-2026-3039 Shuhan Zhang discovered that Bind incorrectly handled self-pointed...

9.8CVSS6AI score0.01844EPSS
Exploits1
OSV
OSV
added 2026/05/21 7:11 p.m.10 views

USN-8293-1 bind9 vulnerabilities

Vitaly Simonovich discovered that Bind could exhaust memory during GSS-API TKEY negotiation. A remote attacker could possibly use this issue to cause Bind to use excessive resources, leading to a denial of service. CVE-2026-3039 Shuhan Zhang discovered that Bind incorrectly handled self-pointed...

9.8CVSS6AI score0.01844EPSS
Exploits1References7
AlpineLinux
AlpineLinux
added 2026/05/20 1:9 p.m.20 views

CVE-2026-3039

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

7.5CVSS5.7AI score0.01047EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2026/05/20 1:9 p.m.14 views

CVE-2026-3039 BIND 9 server memory exhaustion during GSS-API TKEY negotiation

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

7.5CVSS5.7AI score0.01047EPSS
Exploits0References4
OSV
OSV
added 2026/05/18 5:53 a.m.14 views

BIT-POSTGRESQL-2026-6479 PostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion

Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AFUNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same via access to a PostgreSQL TCP socket. Versions before PostgreSQL 18....

7.5CVSS5.8AI score0.00471EPSS
Exploits0References2
Hacker One
Hacker One
added 2026/05/08 3:31 p.m.8 views

curl: CVE-2026-8458: wrong reuse for different services

Summary: I found an incomplete-fix variant of CVE-2026-5545 in curl/libcurl 8.20.0. libcurl 8.20.0 still wrongly reuses an HTTP Negotiate-authenticated connection for a later request to the same host even when the requested service principal changes via CURLOPTSERVICENAME / --service-name. In my...

6.5CVSS6AI score0.00543EPSS
Exploits2
NVD
NVD
added 2026/05/06 4:16 p.m.8 views

CVE-2026-6691

The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may be triggered by passing untrusted input in the username of a MongoDB URI with authMechanism=GSSAPI...

8.6CVSS0.00126EPSS
Exploits0References1
CVE
CVE
added 2026/04/28 12:0 a.m.79 views

CVE-2026-40355

CVE-2026-40355 affects MIT Kerberos 5 (krb5) before 1.22.3. The issue is a NULL pointer dereference in NegoEx parsing when an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing th...

7.5CVSS5.5AI score0.00507EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/04/03 1:27 p.m.6 views

JLSEC-2026-48

Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-middle attacker could send a long error message that a human or screen-scraper user of psql mistake...

3.7CVSS6.8AI score0.0038EPSS
Exploits0References2
OSV
OSV
added 2026/03/24 3:36 p.m.7 views

CLSA-2026-1774366569 Fix CVE(s): CVE-2026-3497

SECURITY UPDATE: pre-auth crash via GSSAPI key exchange - debian/patches/CVE-2026-3497.patch: replace sshpktdisconnect with sshpacketdisconnect and initialize gssbufferdesc variables in kexgssc.c, kexgsss.c. - CVE-2026-3497...

8.2CVSS7.1AI score0.0218EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 9:31 p.m.4 views

GHSA-CP6G-7HQX-QXHP mongo-go-driver has Heap Out-of-Bounds Read in GSSAPI Error Handling

The mongo-go-driver repository contains CGo bindings for GSSAPI Kerberos authentication on Linux and macOS. The C wrapper implementation contains a heap out-of-bounds read vulnerability due to incorrect assumptions about string termination in the GSSAPI standard. Since GSSAPI buffers are not...

6.9CVSS5.4AI score0.00223EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/11/21 12:23 a.m.7 views

SUSE CVE-2025-58181

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption...

5.3CVSS7.1AI score0.00533EPSS
Exploits0References29
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2005-1127

Malware in sbrugna...

4.6CVSS6.4AI score0.00328EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2010-1350

Malware in sbrugna...

6.8CVSS6AI score0.06884EPSS
Exploits2References71
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2010-0659

Malware in sbrugna...

5CVSS7.8AI score0.03329EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-34729

Malicious code in bioql PyPI...

8.1CVSS7.3AI score0.01394EPSS
Exploits0References5
Hacker One
Hacker One
added 2025/09/24 3:36 a.m.21 views

curl: Race condition on global `gss_context` during SOCKS5 GSS-API negotiation in libcurl

Summary: Concurrent SOCKS5 GSS-API authentications share a file-scope global gsscontext without synchronization, causing data races and undefined behavior. - Global context defined at: 52:54:curl/lib/socksgssapi.c static gssctxidt gsscontext = GSSCNOCONTEXT; - Passed by address into the GSS init...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-2469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client CVE-2022-2469 Note that Nessus relies on the presence of the packag...

8.1CVSS7.1AI score0.01394EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2011-1526

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications aka krb5-appl 1.0.1 and earlier does not check the krb5setegid return value, which allow...

6.5CVSS6.5AI score0.03938EPSS
Exploits0References2
Rows per page
Query Builder