4762 matches found
krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read
A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit an integer underflow and an out-of-bounds read vulnerability by calling gssacceptseccontext on a system with a NegoEx mechanism registered. This can lead to the process terminating, resulting in a Denial of...
AlmaLinux 8 : krb5 (ALSA-2026:16799)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16799 advisory. krb5: MIT Kerberos 5 krb5: Denial of Service via integer underflow and out-of-bounds read CVE-2026-40356 krb5: MIT Kerberos 5: Denial of Service via NULL...
Important: krb5 security update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
ALSA-2026:16799 Important: krb5 security update
Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...
UBUNTU-CVE-2026-42268
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception std::outofrange caused by unsigned integer underflow in libmodsecurity3 if the user administrator uses a rule any of @verifySSN...
EUVD-2026-29774
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition...
EUVD-2026-29769
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition...
CVE-2026-34672
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a...
CVE-2026-34667
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a...
CVE-2026-34672 CAI Content Credentials | Integer Underflow (Wrap or Wraparound) (CWE-191)
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a...
CVE-2026-34672 CAI Content Credentials | Integer Underflow (Wrap or Wraparound) (CWE-191)
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a...
CVE-2026-34672
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition...
CVE-2026-34672
The CVE-2026-34672 issue affects CAI Content Credentials versions 0.78.2, 0.7.0 and earlier. The root cause is an Integer Underflow (wrap/wraparound) leading to an application denial-of-service, with exploitation possible without user interaction. The vulnerability can cause the application to cr...
CVE-2026-34667
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition...
CVE-2026-34667
CAI Content Credentials (versions 0.78.2, 0.7.0 and earlier) are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that can crash the application and cause a denial-of-service. Exploitation does not require user interaction and is described as a local issue with a CVSS v3.1 base...
CVE-2026-34667 CAI Content Credentials | Integer Underflow (Wrap or Wraparound) (CWE-191)
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a...
CVE-2026-34667 CAI Content Credentials | Integer Underflow (Wrap or Wraparound) (CWE-191)
CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a...
EUVD-2026-29659
Integer underflow wrap or wraparound in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-40397
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...
CVE-2026-40397
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally...