CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1572 matches found

IBM Security Bulletins•added 2026/06/10 7:46 a.m.•7 views

Security Bulletin: IBM Cloud Pak for Data System 1.0 is affected by multiple vulnerabilities

Summary IBM Cloud Pak for Data System 1.0 CPDS 1.0 includes multiple third-party components that are affected by various security vulnerabilities. These vulnerabilities include integer overflow issues in GLib leading to heap corruption and denial of service, a write-what-where condition in the...

9.8CVSS7.4AI score0.92165EPSS

Exploits31Affected Software1

Tenable Nessus•added 2026/04/29 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-40356

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In MIT Kerberos 5 aka krb5 before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gssacceptseccontext on a system...

5.9CVSS5.9AI score0.00461EPSS

Exploits0References3

ATTACKERKB•added 2026/04/28 12:0 a.m.•6 views

CVE-2026-40356

In MIT Kerberos 5 aka krb5 before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process t...

5.9CVSS5.5AI score0.00461EPSS

Exploits0References4Affected Software1

CVE•added 2026/04/28 12:0 a.m.•53 views

CVE-2026-40355

MIT Kerberos 5 (krb5) before 1.22.3 is affected by a NULL pointer dereference in gss_accept_sec_context when a NegoEx mechanism is registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message (denial of service). Affected...

5.9CVSS5.5AI score0.00461EPSS

Exploits0References3

CVE•added 2026/01/16 12:0 a.m.•447 views

CVE-2025-24528

CVE-2025-24528 affects MIT Kerberos 5 (krb5) up to but not including 1.22; the issue is an integer overflow in kdb_log.c during a large update resize, which can cause an out-of-bounds write and crash the kadmind daemon after authentication. Public references consistently describe the vulnerabilit...

7.1CVSS7.2AI score0.00606EPSS

Exploits0References3