Lucene search
K

8977 matches found

Microsoft CVE
Microsoft CVE
added 2026/01/16 9:3 a.m.5 views

SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf

...

5.5CVSS5.4AI score0.0016EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.232.b09-1.AXS4 (AXSA:2019-4356:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4356:04 advisory. OpenJDK: Improper handling of Kerberos proxy credentials Kerberos, 8220302 CVE-2019-2949 OpenJDK: Unexpected exception thrown during regular...

6.8CVSS6.8AI score0.03749EPSS
Exploits0References15
NVD
NVD
added 2026/01/14 3:16 p.m.7 views

CVE-2025-71120

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

5.5CVSS0.0016EPSS
Exploits0References7
OSV
OSV
added 2026/01/14 3:16 p.m.3 views

UBUNTU-CVE-2025-71120

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

5.5CVSS5.9AI score0.0016EPSS
Exploits0References37
Vulnrichment
Vulnrichment
added 2026/01/14 3:6 p.m.5 views

CVE-2025-71120 SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

5.7AI score0.0016EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/01/14 3:6 p.m.3 views

CVE-2025-71120

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

5.3AI score0.0016EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/01/14 3:6 p.m.5 views

CVE-2025-71120 SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

5.5CVSS5.4AI score0.0016EPSS
Exploits0References10
CVE
CVE
added 2026/01/14 3:6 p.m.44 views

CVE-2025-71120

CVE-2025-71120 (Linux kernel) involves SUNRPC: svcauth_gss handling of a zero-length gss_token, which can dereference NULL when copying. The vulnerability occurs because code unconditionally dereferenced in_token->pages[0] during the initial memcpy, even if the copy length is 0. The fix guards...

5.5CVSS6.3AI score0.0016EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-71120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The co...

5.5CVSS6.5AI score0.0016EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:45 p.m.10 views

CVE-2005-1150

Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service hang...

5CVSS6.8AI score0.01792EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:54 a.m.16 views

CVE-2009-4314

Sun Ray Server Software 4.1 on Solaris 10, when Automatic Multi-Group Hotdesking AMGH is enabled, responds to a logout action by immediately logging the user in again, which makes it easier for physically proximate attackers to obtain access to a session by going to an unattended DTU device...

4.4CVSS6.8AI score0.00333EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:51 a.m.7 views

CVE-2009-4190

Unspecified vulnerability in the kernel in Sun OpenSolaris 2009.06 allows remote attackers to cause a denial of service panic via unknown vectors, as demonstrated by the vdsolaris2 module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information...

7.8CVSS7AI score0.0121EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:51 a.m.8 views

CVE-2009-4774

Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv49 through snv117, when 64bit mode is used on the Intel x86 platform and a Linux lx branded zone is configured, allows local users to cause a denial of service panic via unspecified vectors, a different vulnerability than CVE-2007-622...

4.9CVSS6.5AI score0.00358EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:50 a.m.5 views

CVE-2009-4294

Unspecified vulnerability in the Authentication Manager aka utauthd in Sun Ray Server Software 4.0 and 4.1 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors...

10CVSS8.2AI score0.05718EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:47 a.m.10 views

CVE-2010-0361

Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via a long URI in an HTTP OPTIONS request...

10CVSS7.8AI score0.80521EPSS
Exploits20References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:43 a.m.11 views

CVE-2010-0360

Sun Java System Web Server aka SJWS 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an "overflow." NOTE: this might overlap...

10CVSS6.8AI score0.03573EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:43 a.m.18 views

CVE-2010-0386

The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing XST attack, a related issue to CVE-2004-2763 and CVE-2005-3398...

5.8CVSS7AI score0.13108EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:42 a.m.7 views

CVE-2001-1582

Buffer overflow in the LDAP naming services library libsldap in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAPOPTIONS environment variable to a privileged program that uses libsldap...

7.2CVSS7.8AI score0.01297EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:38 a.m.12 views

CVE-2003-1521

Sun Java Plug-In 1.4 through 1.4.202 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model...

6.4CVSS7.2AI score0.05836EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:38 a.m.5 views

CVE-2003-1125

Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service service halt...

5CVSS6.8AI score0.01157EPSS
Exploits0References1
Rows per page
Query Builder