Lucene search
K

13 matches found

NVD
NVD
added 2026/06/23 4:17 a.m.19 views

CVE-2026-55654

A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific...

3.7CVSS0.00367EPSS
Exploits1References3
OSV
OSV
added 2026/06/23 4:17 a.m.4 views

UBUNTU-CVE-2026-55654

A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific...

3.7CVSS5.8AI score0.00367EPSS
Exploits1References3
CVE
CVE
added 2026/06/23 3:37 a.m.89 views

CVE-2026-55654

CVE-2026-55654 describes a heap out-of-bounds read in OpenSSH during GSSAPI indicator cleanup when a trailing NULL termination is missing in the auth-indicators array. A remote attacker in configurations using GSSAPI authentication with Kerberos could trigger a crash/abort in the SSH authenticati...

3.7CVSS5.8AI score0.00367EPSS
Exploits1References3Affected Software3
Cvelist
Cvelist
added 2026/06/23 3:37 a.m.61 views

CVE-2026-55654 Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination

A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific...

3.7CVSS0.00367EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.14 views

PT-2026-51472

Name of the Vulnerable Software and Affected Versions OpenSSH affected versions not specified Description A heap out-of-bounds read occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the...

3.7CVSS6.1AI score0.00367EPSS
Exploits1References19
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-55654

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI Generic Security Service Application Programming...

3.7CVSS5.8AI score0.00367EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-9103

Malware in sbrugna...

4CVSS6.2AI score0.01833EPSS
Exploits0References12
F5 Networks
F5 Networks
added 2023/02/21 7:52 p.m.73 views

K16009: OpenSSH vulnerability CVE-2014-9278

Security Advisory Description The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended...

4CVSS6.4AI score0.01833EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.7 views

SUSE CVE-2007-3149

sudo, when linked with MIT Kerberos 5 krb5, does not properly check whether a user can currently authenticate to Kerberos, which allows local users to gain privileges, in a manner unintended by the sudo security model, via certain KRB5 environment variable settings. NOTE: another researcher...

7.2CVSS6.8AI score0.00363EPSS
Exploits0References3
Veeam
Veeam
added 2023/01/30 12:0 a.m.26 views

Application-Aware Processing Tasks Fail in a Kerberos-Only Environment After Upgrading to Veeam Backup & Replication 12

Challenge If you use persistent agents for guest OS processing in a Kerberos-only environment, after upgrading to Veeam Backup & Replication 12, some backup jobs may fail with the error: Failed to connect to guest agent, failing over to guest agent through VIX Failed to connect to guest agent...

7.4AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.67 views

NewStart CGSL MAIN 4.05 : openssh-latest Multiple Vulnerabilities (NS-SA-2019-0146)

The remote NewStart CGSL host, running version MAIN 4.05, has openssh-latest packages installed that are affected by multiple vulnerabilities: - scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice...

9.8CVSS7.7AI score0.88944EPSS
Exploits38References16
UbuntuCve
UbuntuCve
added 2014/12/06 3:59 p.m.56 views

CVE-2014-9278

The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would...

4CVSS6.8AI score0.01833EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/12/06 3:0 p.m.36 views

CVE-2014-9278

The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would...

8.8AI score0.01833EPSS
Exploits0References8
Rows per page
Query Builder