Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

MiracleLinux 8 : krb5-1.18.2-34.el8_10 (AXSA:2026-613:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-613:03 advisory. krb5: MIT Kerberos 5 krb5: Denial of Service via integer underflow and out-of-bounds read CVE-2026-40356 krb5: MIT Kerberos 5: Denial of Service via...

7.5CVSS5.8AI score0.00501EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2026/04/28 12:0 a.m.4 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.4AI score0.00501EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2026/04/28 12:0 a.m.6 views

CVE-2026-40356

In MIT Kerberos 5 aka krb5 before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process t...

7.5CVSS5.6AI score0.00501EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.4 views

MiracleLinux 4 : krb5-1.10.3-10.AXS4.2 (AXSA:2013-413:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-413:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of sending...

4CVSS5.6AI score0.02921EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2020-28196)

MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit. This plugin only works with Tenable.ot. Please visit...

7.5CVSS7.4AI score0.04365EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-5709

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MIT Kerberos 5 aka krb5 through 1.16. There is a variable dbentry-nkeydata in kadmin/dbutil/dump.c that can store 16-bit data but...

7.5CVSS7.6AI score0.02067EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:31 a.m.2 views

SUSE CVE-2018-5709

An issue was discovered in MIT Kerberos 5 aka krb5 through 1.16. There is a variable "dbentry-nkeydata" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect...

7.5CVSS9.5AI score0.02067EPSS
Exploits0References4
Rows per page
Query Builder