CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1119 matches found

SUSE CVE-2026-11850

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5CVSS5.4AI score0.00261EPSS

Exploits0References3

Tenable Nessus•added 2026/04/29 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-40356

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In MIT Kerberos 5 aka krb5 before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gssacceptseccontext on a system...

5.9CVSS5.9AI score0.00461EPSS

Exploits0References3

CVE•added 2026/04/28 12:0 a.m.•50 views

CVE-2026-40355

MIT Kerberos 5 (krb5) before 1.22.3 is affected by a NULL pointer dereference in gss_accept_sec_context when a NegoEx mechanism is registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message (denial of service). Affected...

5.9CVSS5.5AI score0.00461EPSS

Exploits0References3

Tenable Nessus•added 2026/01/22 12:0 a.m.•3 views

Azure Linux 3.0 Security Update: krb5 (CVE-2024-26462)

The version of krb5 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26462 advisory. - Kerberos 5 aka krb5 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c. CVE-2024-26462 Note th...

5.5CVSS5.6AI score0.00437EPSS

Exploits1References2

CVE•added 2026/01/16 12:0 a.m.•444 views

CVE-2025-24528

CVE-2025-24528 affects MIT Kerberos 5 (krb5) up to but not including 1.22; the issue is an integer overflow in kdb_log.c during a large update resize, which can cause an out-of-bounds write and crash the kadmind daemon after authentication. Public references consistently describe the vulnerabilit...

7.1CVSS7.2AI score0.00606EPSS

Exploits0References3

Tenable Nessus•added 2026/01/16 12:0 a.m.•3 views

MiracleLinux 7 : krb5-1.15.1-34.el7 (AXSA:2018-3419:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3419:03 advisory. krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data CVE-2018-5729 krb5: DN container check bypass by...

6.5CVSS6.4AI score0.026EPSS

Exploits0References3