8 matches found

Tenable Nessus
added 2024/02/29 12:0 a.m. | 35 views

CentOS 9 : krb5-1.21.1-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the krb5-1.21.1-1.el9 build changelog. - kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an...

8.8 CVSS | 7.2 AI score | 0.01226 EPSS
Exploits: 0 | References: 2

IBM Security Bulletins
added 2023/12/20 2:34 p.m. | 44 views

Security Bulletin: IBM Security Guardium is affected by a multiple vulnerabilities (CVE-2023-39975, CVE-2023-34042)

Summary: IBM Security Guardium has fixed these vulnerabilities. Vulnerability Details: CVEID: CVE-2023-39975. DESCRIPTION: MIT Kerberos 5 (aka krb5) is vulnerable to a denial of service, caused by a double free in KDC TGS processing. By sending a specially crafted request, a remote authenticated attacke...

8.8 CVSS | 7.1 AI score | 0.01226 EPSS
Exploits: 0 | Affected Software: 1

SUSE CVE
added 2023/11/18 1:50 a.m. | 1 views

SUSE CVE-2023-39975

kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another...

8.8 CVSS | 8 AI score | 0.01226 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2023/11/07 12:0 a.m. | 23 views

RHEL 9 : krb5 (RHSA-2023:6699)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6699 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending...

8.8 CVSS | 7.3 AI score | 0.01226 EPSS
Exploits: 0 | References: 12

Veracode
added 2023/08/18 3:50 a.m. | 26 views

Double Free

libkrb5.so is vulnerable to Double Free. The vulnerability exists due to a failure in authorization data handling in do_tgs_req.c, which allows an attacker to cause the Key Distribution Center (KDC) to free the same pointer twice when incorrect data is copied from one ticket to another...

8.8 CVSS | 6.7 AI score | 0.01226 EPSS
Exploits: 0 | References: 9 | Affected Software: 1

NVD
added 2023/08/16 3:15 p.m. | 19 views

CVE-2023-39975

kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another...

8.8 CVSS | 8.5 AI score | 0.01226 EPSS
Exploits: 0 | References: 6

Cvelist
added 2023/08/16 12:0 a.m. | 22 views

CVE-2023-39975

kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another...

8.7 AI score | 0.01226 EPSS
Exploits: 0 | References: 6

Tenable Nessus
added 2023/08/10 12:0 a.m. | 28 views

Fedora 38 : krb5 (2023-ca086f015c)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-ca086f015c advisory. This is a backport of the upstream fix for CVE-2023-39975: https://github.com/krb5/krb5/pull/1312 Tenable has extracted the preceding description block...

8.8 CVSS | 7.2 AI score | 0.01226 EPSS
Exploits: 0 | References: 2