Lucene search
+L

6 matches found

Cvelist
Cvelist
added 2026/07/09 2:19 p.m.39 views

CVE-2026-60109 Zeek < 8.0.9 Null Pointer Dereference DoS via Kerberos KRB_ERROR Parsing

Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash the sensor by sending a crafted KRBERROR message with error-code 25 KDCERRPREAUTHREQUIRED containing a PA-DATA element with padata-type 2, 3,...

8.7CVSS0.00502EPSS
Exploits0References3
OSV
OSV
added 2026/07/09 2:19 p.m.3 views

CVE-2026-60109 Zeek < 8.0.9 Null Pointer Dereference DoS via Kerberos KRB_ERROR Parsing

Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash the sensor by sending a crafted KRBERROR message with error-code 25 KDCERRPREAUTHREQUIRED containing a PA-DATA element with padata-type 2, 3,...

8.7CVSS6.1AI score0.00502EPSS
Exploits0References6
OSV
OSV
added 2026/07/02 2:13 p.m.4 views

PYSEC-2026-636 Code injection in FreeIPA

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function berscanf was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker who could trigger...

8.8CVSS6.1AI score0.06329EPSS
Exploits0References13
NVD
NVD
added 2026/05/01 2:16 p.m.7 views

CVE-2026-42483

A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The issue affects modulehashdecode in multiple Kerberos-related modules because accountinfolen is...

9.8CVSS0.00304EPSS
Exploits1References1
OSV
OSV
added 2022/12/25 6:15 a.m.7 views

AZL-12123 CVE-2022-42898 affecting package samba 4.12.5-7

PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution in KDC, kadmind, or a GSS or Kerberos application server on 32-bit platforms which have a resultant heap-based buffer overflow, and cause a denial of service ...

8.8CVSS7.4AI score0.06419EPSS
Exploits1References1
Cent OS
Cent OS
added 2013/11/05 8:45 p.m.77 views

java security update

CentOS Errata and Security Advisory CESA-2013:1505 Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scorin...

10CVSS6.9AI score0.24738EPSS
Exploits0References7
Rows per page
Query Builder