20 matches found
python-kdcproxy: Unauthenticated SSRF via Realm‑Controlled DNS SRV
If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone matching the requested realm name. This creates a server-side request forgery vulnerability, since an attacker could send a request f...
python-kdcproxy: Remote DoS via unbounded TCP upstream buffering
If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...
CVE-2025-59088
If kdcproxy receives a request for a realm which does not have server addresses defined in its configuration, by default, it will query SRV records in the DNS zone matching the requested realm name. This creates a server-side request forgery vulnerability, since an attacker could send a request f...
EUVD-2025-17772
Malicious code in bioql PyPI...
EUVD-2025-20620
Malicious code in bioql PyPI...
CVE-2025-49735
Use after free in Windows KDC Proxy Service KPSSVC allows an unauthorized attacker to execute code over a network...
CVE-2025-49735
Use after free in Windows KDC Proxy Service KPSSVC allows an unauthorized attacker to execute code over a network...
CVE-2025-49735 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
...
CVE-2025-49735
CVE-2025-49735 describes a use-after-free vulnerability in Windows KDC Proxy Service (KPSSVC) that could allow remote code execution over the network. The entry is publicly tracked with a Network attack vector, high impact on confidentiality, integrity, and availability (CVSS v3.1 base score 8.1)...
CVE-2025-49735 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
...
Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
Use after free in Windows KDC Proxy Service KPSSVC allows an unauthorized attacker to execute code over a network...
PT-2025-28622
Name of the Vulnerable Software and Affected Versions: Windows KDC Proxy Service KPSSVC affected versions not specified Description: The issue is related to a use after free condition in the Windows KDC Proxy Service, allowing an unauthorized attacker to execute code over a network. This enables...
The vulnerability of the KDC Proxy Service (KPSSVC) on Microsoft Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the KDC Proxy Service KPSSVC on Microsoft Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
CVE-2025-33071
Use after free in Windows KDC Proxy Service KPSSVC allows an unauthorized attacker to execute code over a network...
CVE-2025-33071
Use after free in Windows KDC Proxy Service KPSSVC allows an unauthorized attacker to execute code over a network...
CVE-2025-33071 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
...
CVE-2025-33071 Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
...
CVE-2025-33071
CVE-2025-33071 is an RCE flaw affecting the Windows KDC Proxy Service (KPSSVC). The vulnerability arises from a use-after-free in KPSSVC, enabling a remote attacker to execute code over the network on affected Windows systems. The CVE is rated high severity (CVSS ~8.1/8.1–8.10, depending on sourc...
Windows KDC Proxy Service (KPSSVC) Remote Code Execution Vulnerability
Use after free in Windows KDC Proxy Service KPSSVC allows an unauthorized attacker to execute code over a network...
PT-2025-24856
Name of the Vulnerable Software and Affected Versions Windows KDC Proxy Service KPSSVC affected versions not specified Description The issue allows an unauthorized attacker to execute code over a network due to a use after free flaw in the Windows KDC Proxy Service. This enables remote attackers ...