CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

EUVD-2026-39650

It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA with an unrecognized or unsupported type. Users are recommended to upgrade to version 2.1.2, which fixes this issue...

7.3CVSS5.7AI score

Exploits0References2

NVD•added 9 hours ago•4 views

CVE-2026-57915

7.3CVSS

Exploits0References2

NVD•added 10 hours ago•5 views

CVE-2026-57914

By sending a deeply nested ASN1 structure to a Apache Kerby client or service, it's possible to trigger a StackOverFlow Exception which can lead to denial of service issues. Users are recommended to upgrade to version 2.1.2, which fixes this issue...

6.5CVSS

Exploits0References2

Cvelist•added 10 hours ago•5 views

CVE-2026-57915 Apache Kerby: Kerberos Pre-Authentication Bypass

Exploits0References1

CVE•added 10 hours ago•3 views

CVE-2026-57915

CVE-2026-57915 affects Apache Kerby: Kerberos pre-authentication can be bypassed by sending a PA-DATA with an unrecognized/unsupported type. The issue is enabled by the underlying pre-auth check and is fixed in Apache Kerby version 2.1.2. Reported impact from sources indicates a high-severity con...

7.3CVSS5.7AI score

Exploits0References2

CVE•added 11 hours ago•8 views

CVE-2026-57914

CVE-2026-57914 concerns Apache Kerby: parsing a deeply nested ASN.1 structure can trigger a StackOverflow, causing a denial of service. The impact is limited to DoS with availability impact reported; no remote code execution details are provided. The root cause is a vulnerability in the ASN.1 par...

6.5CVSS5.7AI score

Exploits0References2

Cvelist•added 11 hours ago•8 views

CVE-2026-57914 Apache Kerby: StackOverflow on parsing deeply nested ASN1 structures

Exploits0References1

EUVD•added 11 hours ago•4 views

EUVD-2026-39648

6.5CVSS5.7AI score

Exploits0References1

IBM Security Bulletins•added 2025/03/26 3:55 a.m.•49 views

Security Bulletin: Common vulnerabilities addressed in Cloudera Data Platform 7.1.9 HF2

Summary Fixes to common vulnerabilities discovered in Cloudera Data Platform 7.1.9 are available to download from Cloudera. Vulnerability Details CVEID:CVE-2017-15718 DESCRIPTION: Apache Hadoop could allow a remote attacker to obtain sensitive information, caused by a flaw in the YARN NodeManager...

9.8CVSS10AI score0.03635EPSS

Exploits8Affected Software1

RedhatCVE•added 2023/03/01 2:29 a.m.•30 views

CVE-2023-25613

A flaw was found in the kerby-backend. This issue leads to LDAP Injection...

9.8CVSS8.8AI score0.01491EPSS

Exploits0References3

CNVD•added 2023/02/22 12:0 a.m.•31 views

Apache Kerby LDAP Injection Vulnerability

Apache Kerby is a Java Kerberos binding from the Apache Foundation, USA. Provides rich, intuitive, and interoperable implementations, libraries, KDCs, and facilities to integrate PKI, OTP, and tokens OAuth2 as needed for modern environments such as cloud, Hadoop, and mobile. An LDAP injection...

9.8CVSS9.4AI score0.01491EPSS

Exploits0References1

vulnersOsv•added 2023/02/20 6:30 p.m.•3 views

org.apache.kerby:kerby-kdc-test (>=1.0.0-RC1 <=1.0.0-RC2) potentially affected by CVE-2023-25613 via org.apache.kerby:ldap-backend (>=1.0.0-RC1 <=1.0.0-RC2)

org.apache.kerby:ldap-backend MAVEN version =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC2 Source cves: CVE-2023-25613 Source advisory: OSV:GHSA-337F-XR2X-6FCF...

9.8CVSS7.2AI score0.01491EPSS

Exploits0