CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2026/04/30 9:30 a.m.•4 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: krb5: krb5-devel-1.22.2-7.hum1 aarch64, x8664 krb5-libs-1.22.2-7.hum1 aarch64, x8664 krb5-pkinit-1.22.2-7.hum1 aarch64, x8664 krb5-server-1.22.2-7.hum1 aarch64, x8664 krb5-server-ldap-1.22.2-7.hu...

5.9CVSS5.8AI score0.00108EPSS

OSV•added 2026/04/13 2:33 p.m.•3 views

JLSEC-2026-91

PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution in KDC, kadmind, or a GSS or Kerberos application server on 32-bit platforms which have a resultant heap-based buffer overflow, and cause a denial of service ...

8.8CVSS6.6AI score0.10832EPSS

Exploits1References22

SUSE CVE•added 2025/11/26 12:24 a.m.•1 views

SUSE CVE-2025-59089

If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...

5.9CVSS7.1AI score0.00086EPSS

Exploits0References5

RedHat Linux•added 2025/11/20 8:15 a.m.•2 views

python-kdcproxy: Remote DoS via unbounded TCP upstream buffering

5.9CVSS5.9AI score0.00086EPSS

Exploits0References6

RedHat Linux•added 2025/11/20 8:10 a.m.•2 views

python-kdcproxy: Remote DoS via unbounded TCP upstream buffering

5.9CVSS5.9AI score0.00086EPSS

Exploits0References6

NVD•added 2025/11/12 5:15 p.m.•2 views

CVE-2025-59089

5.9CVSS0.00086EPSS

Exploits0References17

SUSE CVE•added 2023/02/15 6:1 a.m.•1 views

SUSE CVE-2010-0014

System Security Services Daemon SSSD before 1.0.1, when the krb5 authprovider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting...

3.7CVSS7.2AI score0.00133EPSS

Exploits2References3

SUSE CVE•added 2023/02/15 5:11 a.m.•1 views

SUSE CVE-2015-8630

The 1 kadm5createprincipal3 and 2 kadm5modifyprincipal functions in lib/kadm5/srv/svrprincipal.c in kadmind in MIT Kerberos 5 aka krb5 1.12.x and 1.13.x before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash b...

7.5CVSS6.7AI score0.03623EPSS

Tenable Nessus•added 2022/12/23 12:0 a.m.•37 views

Fedora 35 : heimdal (2022-cbbd105d08)

The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-cbbd105d08 advisory. Fixes: Delay service starts until after network is online rhbz2005501 Restart services on package update will apply when updating from this release...

9.8CVSS6.7AI score0.10832EPSS

Exploits1References7

Tenable Nessus•added 2022/03/01 12:0 a.m.•49 views

EulerOS 2.0 SP5 : samba (EulerOS-SA-2022-1282)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over t...

8.5CVSS6.4AI score0.05139EPSS

OpenVAS•added 2022/01/28 12:0 a.m.•14 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-1037)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.7AI score0.05139EPSS

Tenable Nessus•added 2022/01/28 12:0 a.m.•32 views

EulerOS 2.0 SP9 : samba (EulerOS-SA-2022-1037)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ Ticket Granting Server - Request. An...

6.5CVSS6.4AI score0.05139EPSS

OpenVAS•added 2022/01/28 12:0 a.m.•22 views

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-1017)

6.5CVSS7.7AI score0.05139EPSS

OSV•added 2021/10/12 6:15 p.m.•3 views

AZL-7354 CVE-2021-3671 affecting package samba 4.12.5-7

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ Ticket Granting Server - Request. An authenticated user could use this flaw to crash the samba server...

OSV•added 2021/10/12 6:15 p.m.•1 views

Exploits0References1

ALPINE-CVE-2021-3671

6.5CVSS6.7AI score0.05139EPSS

Exploits0References1

OSV•added 2021/10/12 6:15 p.m.•2 views

AZL-37004 CVE-2021-3671 affecting package samba for versions less than 4.18.3-1

UbuntuCve•added 2021/10/12 6:15 p.m.•28 views

Exploits0References1

CVE-2021-3671

CVE•added 2021/10/12 12:0 a.m.•364 views

CVE-2021-3671

CVE-2021-3671 is a NULL pointer dereference in Samba’s Kerberos server when a TGS-REQ is missing an sname, allowing an authenticated user to crash the Samba KDC and cause a denial of service. Public disclosures and advisories reference Samba/ Heimdal contexts and note that this affects Samba/Kerb...

6.5CVSS7.1AI score0.05139EPSS

Exploits0References7Affected Software1

CNNVD•added 2021/10/12 12:0 a.m.•0 views

Samba 代码问题漏洞

Samba is the standard Windows interoperability program suite for Linux and Unix. Samba suffers from a code issue vulnerability that stems from a null pointer reference in the way the Samba Kerberos server handles a missing sname in a TGS-REQ Ticket Granting server - Request. An authenticated user...