Lucene search
K

37 matches found

NVD
NVD
added 4 days ago8 views

CVE-2026-59998

sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory...

6.5CVSS0.00179EPSS
Exploits0References3
Debian CVE
Debian CVE
added 4 days ago3 views

CVE-2026-59998

sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory...

6.5CVSS5.9AI score0.00179EPSS
Exploits0
EUVD
EUVD
added 4 days ago15 views

EUVD-2026-42141

sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory...

4.8CVSS5.9AI score0.00179EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Heimdal

Before version 7.7.1, Heimdal allowed attackers to cause a NULL pointer dereference in an SPNEGO acceptor, by using a preferredmechtype of GSSCNOOID and a non-zero initialresponse value for sendaccept...

7.5CVSS6.2AI score0.01223EPSS
Exploits0References1
OSV
OSV
added 2026/03/04 9:31 a.m.2 views

GHSA-FW88-PF9M-P947 Apache Artemis and Apache ActiveMQ Artemis are Missing Authentication for Critical Functions

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

9.8CVSS5.9AI score0.10629EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-4968

Malware in sbrugna...

5.3CVSS5.4AI score0.01347EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-31573

Malicious code in bioql PyPI...

7.5CVSS5.8AI score0.01223EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:13 a.m.5 views

Rustls: rustls network-reachable panic in `acceptor::accept`

...

7.5CVSS7AI score0.00707EPSS
Exploits1
OSV
OSV
added 2024/11/25 4:57 p.m.7 views

GHSA-QG5G-GV98-5FFH rustls network-reachable panic in `Acceptor::accept`

A bug introduced in rustls 0.23.13 leads to a panic if the received TLS ClientHello is fragmented. Only servers that use rustls::server::Acceptor::accept are affected. Servers that use tokio-rustls's LazyConfigAcceptor API are affected. Servers that use tokio-rustls's TlsAcceptor API are not...

8.2CVSS7AI score0.00707EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2024/11/25 4:57 p.m.39 views

rustls network-reachable panic in `Acceptor::accept`

A bug introduced in rustls 0.23.13 leads to a panic if the received TLS ClientHello is fragmented. Only servers that use rustls::server::Acceptor::accept are affected. Servers that use tokio-rustls's LazyConfigAcceptor API are affected. Servers that use tokio-rustls's TlsAcceptor API are not...

7AI score
Exploits0References3Affected Software1
OSV
OSV
added 2024/11/22 12:0 p.m.18 views

RUSTSEC-2024-0399 rustls network-reachable panic in `Acceptor::accept`

A bug introduced in rustls 0.23.13 leads to a panic if the received TLS ClientHello is fragmented. Only servers that use rustls::server::Acceptor::accept are affected. Servers that use tokio-rustls's LazyConfigAcceptor API are affected. Servers that use tokio-rustls's TlsAcceptor API are not...

7.5CVSS7AI score0.00707EPSS
Exploits1References3
RustSec
RustSec
added 2024/11/22 12:0 p.m.13 views

rustls network-reachable panic in `Acceptor::accept`

A bug introduced in rustls 0.23.13 leads to a panic if the received TLS ClientHello is fragmented. Only servers that use rustls::server::Acceptor::accept are affected. Servers that use tokio-rustls's LazyConfigAcceptor API are affected. Servers that use tokio-rustls's TlsAcceptor API are not...

7.5CVSS7AI score0.00707EPSS
Exploits1Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/22 12:0 a.m.7 views

PT-2024-40945 · Unknown +1 · Tokio-Rustls +2

Name of the Vulnerable Software and Affected Versions: rustls version 0.23.13 Description: A bug in rustls leads to a panic if the received TLS ClientHello is fragmented. This issue affects servers using rustls::server::Acceptor::accept and tokio-rustls's LazyConfigAcceptor API, but not those usi...

7.3AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2022/12/26 5:15 a.m.37 views

CVE-2021-44758

Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferredmechtype of GSSCNOOID and a nonzero initialresponse value to sendaccept...

7.5CVSS6.4AI score0.01223EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2022/12/26 12:0 a.m.41 views

CVE-2021-44758

Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferredmechtype of GSSCNOOID and a nonzero initialresponse value to sendaccept...

7.5CVSS5.7AI score0.01223EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2022/12/26 12:0 a.m.60 views

CVE-2021-44758

Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferredmechtype of GSSCNOOID and a nonzero initialresponse value to sendaccept...

7.5CVSS8.4AI score0.01223EPSS
Exploits0
CNNVD
CNNVD
added 2022/11/16 12:0 a.m.3 views

Heimdal 代码问题漏洞

Heimdal is a Kerberos implementation and security program from Heimdal Open Source. Heimdal has a security vulnerability that stems from a NULL dereference in the SPNEGO acceptor that leads to a DoS...

7.5CVSS6.2AI score0.01223EPSS
Exploits0References11
OSV
OSV
added 2020/08/21 9:15 p.m.3 views

CVE-2020-10125

NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 512-bit RSA certificates to validate bunch note acceptor BNA software updates, which can be broken by an attacker with physical access in a sufficiently short period of time, thereby enabling the attacker to sign arbitrary files...

7.6CVSS7.3AI score0.0019EPSS
Exploits0References3
Prion
Prion
added 2020/08/21 9:15 p.m.13 views

Code injection

NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the bunch note acceptor BNA, enabling an attacker with physical access to internal ATM components to restart the host computer and execute arbitrary code with SYSTEM privileges because while booting, the...

7.2CVSS7.7AI score0.00279EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/08/21 8:30 p.m.85 views

CVE-2020-10126

CVE-2020-10126 concerns NCR SelfServ ATMs running APTRA XFS 05.01.00 . The issue is that the update process during boot does not validate the signature of CAB archives on removable media, causing arbitrary code execution with SYSTEM privileges when updating the BNA (bunch note acceptor). An attac...

7.6CVSS7.7AI score0.00279EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder