CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/06/03 12:0 a.m.•6 views

Ubuntu 24.04 LTS / 25.10 / 26.04 LTS : GNU SASL vulnerability (USN-8356-1)

The remote Ubuntu 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8356-1 advisory. It was discovered that GNU SASL did not properly handle certain DIGEST-MD5 tokens. An attacker could possibly use this issue to cause GNU SASL...

7.5CVSS5.9AI score0.00473EPSS

Ubuntu•added 2026/06/01 2:22 p.m.•10 views

USN-8356-1: GNU SASL vulnerability

It was discovered that GNU SASL did not properly handle certain DIGEST-MD5 tokens. An attacker could possibly use this issue to cause GNU SASL to crash, resulting in a denial of service...

OSV•added 2026/06/01 2:22 p.m.•6 views

USN-8356-1 gsasl vulnerability

It was discovered that GNU SASL did not properly handle certain DIGEST-MD5 tokens. An attacker could possibly use this issue to cause GNU SASL to crash, resulting in a denial of service...

SUSE CVE•added 2026/05/27 10:56 a.m.•10 views

SUSE CVE-2026-48829

In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c...

RedhatCVE•added 2026/05/26 8:14 p.m.•7 views

Exploits0References3

CVE-2026-48829

Tenable Nessus•added 2026/05/25 12:0 a.m.•10 views

Exploits0References1

Linux Distros Unpatched Vulnerability : CVE-2026-48829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This...

7.5CVSS5.5AI score0.00473EPSS

UbuntuCve•added 2026/05/24 4:16 a.m.•13 views

CVE-2026-48829

OSV•added 2026/05/24 4:16 a.m.•3 views

UBUNTU-CVE-2026-48829

Cvelist•added 2026/05/24 2:22 a.m.•13 views

Exploits0References6

CVE-2026-48829

7.5CVSS0.00473EPSS

CVE•added 2026/05/24 2:22 a.m.•56 views

CVE-2026-48829

Technical details (affected product/versions, root cause, impact, fixes) are not publicly available in the provided documents. Monitor for updates.

ATTACKERKB•added 2026/05/24 2:22 a.m.•11 views

Exploits0References5

CVE-2026-48829

EUVD•added 2026/05/24 2:22 a.m.•8 views

Exploits0References5

EUVD-2026-31562

Vulnrichment•added 2026/05/24 2:22 a.m.•5 views

CVE-2026-48829

Debian CVE•added 2026/05/24 2:22 a.m.•8 views

CVE-2026-48829

Positive Technologies•added 2026/05/24 12:0 a.m.•10 views

PT-2026-42903

Name of the Vulnerable Software and Affected Versions GNU SASL versions prior to 2.2.3 Description DIGEST-MD5 contains a NULL pointer dereference affecting both clients and servers. This issue occurs in the file lib/digest-md5/getsubopt.c when a known token is provided without an accompanying =...

Debian•added 2026/05/14 2:38 p.m.•6 views

Exploits0References18

[SECURITY] [DSA 6271-1] gsasl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6271-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 14, 2026 https://www.debian.org/security/faq -...

5.8AI score

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2022-34729

Malicious code in bioql PyPI...

8.1CVSS7.3AI score0.01086EPSS

Exploits0References5

Redos•added 2024/11/12 12:0 a.m.•12 views

ROS-20241112-01

An implementation vulnerability in the Simple Authentication and Security Layer GNU SASL framework is related to reading outside the outside the allocated space on the GNU SASL libgsasl server side using a malicious authenticated GSS-API client. Exploitation of the vulnerability could allow an...

8.1CVSS6.6AI score0.01086EPSS

OpenVAS•added 2023/06/16 12:0 a.m.•31 views

Ubuntu: Security Advisory (USN-6169-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.1AI score0.01086EPSS