219 matches found
EUVD-2019-11471
Malware in sbrugna...
EUVD-2018-17499
Malware in sbrugna...
EUVD-2022-41574
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-5729
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service NULL pointer...
Linux Distros Unpatched Vulnerability : CVE-2018-5730
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by...
Huawei EulerOS: Security Advisory for telnet (EulerOS-SA-2024-1975)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
EulerOS 2.0 SP9 : telnet (EulerOS-SA-2024-1975)
According to the versions of the telnet package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. ...
Huawei EulerOS: Security Advisory for telnet (EulerOS-SA-2024-1948)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP9 : telnet (EulerOS-SA-2024-1948)
According to the versions of the telnet package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. ...
MIT krb5: Multiple Vulnerabilities
Background: MIT krb5 is the free implementation of the Kerberos network authentication protocol by the Massachusetts Institute of Technology. Description: Multiple vulnerabilities have been discovered in MIT krb5. Please review the CVE identifiers referenced below for details. Impact: Please review...
Security Bulletin: IBM Security Guardium is affected by a denial of service vulnerability in MIT krb5 (CVE-2022-42898)
Summary: IBM Security Guardium has fixed this vulnerability by upgrading the version of MIT krb5 that it uses. Vulnerability Details: CVEID: CVE-2022-42898. DESCRIPTION: MIT krb5 is vulnerable to a denial of service, caused by an integer overflow in PAC parsing in the krb5_parse_pac function. By sendin...
CVE-2023-39975
A vulnerability was found in MIT krb5, where an authenticated attacker can cause a KDC to free the same pointer twice if it can induce a failure in authorization data handling...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Inetutils vulnerabilities (USN-6304-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6304-1 advisory. It was discovered that telnetd in GNU Inetutils incorrectly handled certain inputs. An attacker could possibly use this issue to caus...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in MIT krb5 (CVE-2022-42898).
Summary: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in MIT krb5 caused by an integer overflow in PAC parsing in the krb5_parse_pac function (CVE-2022-42898). MIT krb5 is included as part of the Base OS used by our service images. Please read th...
Debian: Security Advisory (DSA-2129-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2023-1336)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2023-1321)
The remote host is missing an update for the Huawei EulerOS...
Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.
Summary: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation as part of the Watson NLP functionality (CVE-2015-20107). GNOME libxml2 is used by IBM Robotic Process Automation as part of container base images,...
Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to denial of service due to [CVE-2022-42898]
Summary: MIT krb5 is not used directly by IBM App Connect Enterprise Certified Container, but it is part of the base operating system in the images. IBM App Connect Enterprise Certified Container may be vulnerable to denial of service. This bulletin provides patch information to address the...
Security Bulletin: Multiple Vulnerabilities in base image packages affect IBM Voice Gateway
Summary: Security Vulnerabilities in base image packages affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details: CVEID: CVE-2022-37434. DESCRIPTION: zlib is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by inflate in inflate.c. By usi...