Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-36619

Malicious code in bioql PyPI...

9.1CVSS7.7AI score0.01863EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.4 views

Azure Linux 3.0 Security Update: krb5 (CVE-2024-37371)

The version of krb5 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-37371 advisory. - In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token...

9.1CVSS7.2AI score0.01863EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/08 12:0 a.m.3 views

Wasm3 安全漏洞

Wasm3 is a fast WebAssembly interpreter and the most versatile WASM runtime from the Wasm3 open source. A security vulnerability exists in Wasm3 version 139076a, which stems from an invalid memory read attack that results in a denial of service and potentially code execution...

8.4CVSS7.2AI score0.0024EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/10/27 12:0 a.m.17 views

EulerOS Virtualization 2.12.1 : krb5 (EulerOS-SA-2024-2752)

According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending...

9.1CVSS7.3AI score0.01863EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.19 views

EulerOS 2.0 SP12 : krb5 (EulerOS-SA-2024-2506)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens wit...

9.1CVSS7.3AI score0.01863EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.24 views

EulerOS 2.0 SP9 : krb5 (EulerOS-SA-2024-2370)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the...

9.1CVSS7.3AI score0.01863EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.22 views

EulerOS 2.0 SP9 : krb5 (EulerOS-SA-2024-2395)

According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the...

9.1CVSS7.3AI score0.01863EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/08/06 12:0 a.m.34 views

CBL Mariner 2.0 Security Update: krb5 (CVE-2024-37371)

The version of krb5 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-37371 advisory. - In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token...

9.1CVSS7.2AI score0.01863EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/23 12:0 a.m.61 views

Amazon Linux 2 : krb5 (ALAS-2024-2595)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2595 advisory. krb5: GSS message token handling CVE-2024-37370 In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens wi...

9.1CVSS7.3AI score0.01863EPSS
Exploits0References6
OSV
OSV
added 2024/07/12 11:8 a.m.3 views

OESA-2024-1825 krb5 security update

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Security Fixes: In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS kr...

9.1CVSS7.1AI score0.01863EPSS
Exploits0References3
Mageia
Mageia
added 2024/07/03 4:36 p.m.43 views

Updated krb5 packages fix security vulnerabilities

Before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. CVE-2024-37370 Before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending...

9.1CVSS7.2AI score0.01863EPSS
Exploits0References1
Veracode
Veracode
added 2024/07/01 11:46 a.m.18 views

Denial Of Service (DoS)

MIT Kerberos 5 is vulnerable to Denial Of Service DoS. The vulnerability is due to insufficient validation of length fields in message tokens, allowing an attacker to cause invalid memory reads by sending tokens with invalid length values...

9.1CVSS6.6AI score0.01863EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2024/06/28 11:15 p.m.28 views

CVE-2024-37371

In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...

9.1CVSS0.01863EPSS
Exploits0References5
OSV
OSV
added 2024/06/28 11:15 p.m.4 views

AZL-42996 CVE-2024-37371 affecting package krb5 for versions less than 1.21.3-1

In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...

9.1CVSS7.2AI score0.01863EPSS
Exploits0References1
OSV
OSV
added 2024/06/28 11:15 p.m.2 views

DEBIAN-CVE-2024-37371

In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...

9.1CVSS7.4AI score0.01863EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/06/28 11:15 p.m.28 views

CVE-2024-37371

In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...

9.1CVSS7AI score0.01863EPSS
Exploits0References3
OSV
OSV
added 2024/06/28 12:0 a.m.23 views

CVE-2024-37371

In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...

9.1CVSS6.6AI score0.01863EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/06/27 12:0 a.m.6 views

PT-2024-6097

Name of the Vulnerable Software and Affected Versions: MIT Kerberos 5 versions prior to 1.21.3 Description: The issue is related to the handling of GSS message tokens in the Kerberos authentication protocol. An attacker can cause invalid memory reads by sending message tokens with invalid length...

9.1CVSS8.2AI score0.16212EPSS
Exploits3References402
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.33 views

openSUSE Security Update : GraphicsMagick (openSUSE-2019-486)

This update for GraphicsMagick fixes the following issues : The following security fixes were fixed : - CVE-2018-10805: Fixed a memory leak in ReadYCBCRImage in coders/ycbcr.c and rgb.c, cmyk.c and gray.c boo1095812 - Fixed invalid memory reads in dcm.c boo1075821c14 %NASLMINLEVEL 70300 C Tenable...

6.5CVSS6.8AI score0.01844EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2019/01/09 12:0 a.m.65 views

Debian: Security Advisory (DLA-1631-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.02311EPSS
Exploits4References3
Rows per page
Query Builder