Lucene search
K

3733 matches found

gitee
gitee
added 2025/09/06 12:17 a.m.84 views

La MaraDNS

MaraDNS is a small open-source DNS server. It is an authoritative DNS server that handles recursion using the included "Deadwood" program. The MaraDNS repository contains various files, including a README, CHANGELOG, and Dockerfile, which provide information on how to compile and run MaraDNS, as...

7.4AI score
Exploits0
githubexploit
githubexploit
added 2025/08/01 8:42 p.m.386 views

Exploit for CVE-2025-41373

CVE-2025-41373 – SQL Injection in Gandia Integra Total Auth...

8.7CVSS9.8AI score0.0107EPSS
Exploits2
githubexploit
githubexploit
added 2025/07/27 5:22 p.m.189 views

Exploit for Improper Handling of Insufficient Permissions or Privileges in Apple Macos

CVE-2023-42931 The exploit targets a LPE works on macOS 14.0-1...

8.3CVSS3.8AI score0.01171EPSS
Exploits2
nessus
nessus
added 2025/07/25 12:0 a.m.2 views

NewStart CGSL MAIN 7.02 : krb5 Multiple Vulnerabilities (NS-SA-2025-0147)

The remote NewStart CGSL host, running version MAIN 7.02, has krb5 packages installed that are affected by multiple vulnerabilities: - In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid leng...

9.1CVSS7.4AI score0.01863EPSS
Exploits2References9
githubexploit
githubexploit
added 2025/07/23 6:57 p.m.275 views

Exploit for CVE-2025-7766

CVE-2025-7766 PoC Exploit PoC for exploiting XML External Ent...

8.6CVSS9.7AI score0.01667EPSS
Exploits2
gitee
gitee
added 2025/07/06 2:42 a.m.72 views

Exploit for CVE-2018-2636

This is a low-interaction honeypot designed to detect the CVE-2018-2636 directory traversal vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications MICROS. The honeypot simulates a MICROS server and allows attackers to use the vulnerability to "steal files" a...

8.1CVSS6.7AI score0.13725EPSS
Exploits5
rosalinux
rosalinux
added 2025/06/09 8:56 a.m.7 views

Advisory ROSA-SA-2025-2889

Software: krb5 1.18.2 OS: ROSA Virtualization 3.0 packageevrstring: krb5-1.18.2-32.0.1.rv30 CVE-ID: CVE-2025-3576 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the MIT Kerberos implementation allows an attacker to spoof messages protected by GSSAPI using RC4-HMAC-MD5 due to...

5.9CVSS6AI score0.00308EPSS
Exploits0
nessus
nessus
added 2025/06/09 12:0 a.m.7 views

NewStart CGSL MAIN 7.02 : krb5 Multiple Vulnerabilities (NS-SA-2025-0081)

The remote NewStart CGSL host, running version MAIN 7.02, has krb5 packages installed that are affected by multiple vulnerabilities: - In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid leng...

9.1CVSS7.3AI score0.01863EPSS
Exploits2References7
nessus
nessus
added 2025/05/27 12:0 a.m.25 views

ABB M2M Gateway Integer Overflow in embedded Krb5-libs (CVE-2022-42898)

PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution in KDC, kadmind, or a GSS or Kerberos application server on 32-bit platforms which have a resultant heap-based buffer overflow, and cause a denial of service ...

8.8CVSS6.5AI score0.06419EPSS
Exploits1References25
redhatcve
redhatcve
added 2025/05/23 3:44 a.m.12 views

CVE-2023-45676

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendori = get8packetf;. The root cause is an integer overflow in setupmalloc. A sufficiently large value in the variable sz overflows with sz+7 in and the negative...

7.8CVSS7.4AI score0.00518EPSS
Exploits0References1
githubexploit
githubexploit
added 2025/05/01 11:41 a.m.439 views

Exploit for Deserialization of Untrusted Data in Google Android

CVE-2024-31317-PoC-Deployer!Android Versionhttps://img.shie...

7.8CVSS6.1AI score0.00779EPSS
Exploits12
ibm
ibm
added 2025/04/29 12:41 p.m.16 views

Security Bulletin: There is an Out-of-Bounds write vulnerability in MIT's Kerberos 5 that is shipped with IBM TXSeries for Multiplatforms (CVE-2025-24528).

Summary There is an Out-of-Bounds write vulnerability in MIT's Kerberos 5 that is shipped with IBM TXSeries for Multiplatforms CVE-2025-24528. MIT's Kerberos 5 is a network authentication protocol that is used by IBM TXSeries for Multiplatforms. An update to IBM TXSeries for Multiplatforms has be...

7.1CVSS6.4AI score0.00606EPSS
Exploits0Affected Software1
osv
osv
added 2025/04/15 6:15 a.m.5 views

AZL-60928 CVE-2025-3576 affecting package krb5 for versions less than 1.19.4-4

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...

5.9CVSS6.9AI score0.00308EPSS
Exploits0References1
nvd
nvd
added 2025/04/15 6:15 a.m.18 views

CVE-2025-3576

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...

5.9CVSS0.00308EPSS
Exploits0References16
osv
osv
added 2025/04/15 6:15 a.m.11 views

CVE-2025-3576

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...

5.9CVSS6.6AI score0.00308EPSS
Exploits0References15
osv
osv
added 2025/04/15 6:15 a.m.9 views

UBUNTU-CVE-2025-3576

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...

5.9CVSS6.9AI score0.00308EPSS
Exploits0References5
cve
cve
added 2025/04/15 5:55 a.m.238 views

CVE-2025-3576

CVE-2025-3576 affects MIT Kerberos (krb5) with RC4-HMAC-MD5, enabling message spoofing via MD5 collisions in GSSAPI-protected messages. Public advisories (Red Hat, Debian, Amazon Linux, AlmaLinux, etc.) indicate the vulnerability exists in krb5 and provide remediation guidance. Impact is limited ...

5.9CVSS5.6AI score0.00308EPSS
Exploits0References16
debiancve
debiancve
added 2025/04/15 5:55 a.m.30 views

CVE-2025-3576

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...

5.9CVSS6.7AI score0.00308EPSS
Exploits0
redhatcve
redhatcve
added 2025/04/15 5:32 a.m.17 views

CVE-2025-3576

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...

5.9CVSS5.5AI score0.00308EPSS
Exploits0References3
ibm
ibm
added 2025/04/15 2:23 a.m.74 views

Security Bulletin: IBM Automation Decision Services - Multiple CVEs addressed (February 2024)

Summary IBM Automation Decision Services is vulnerable to denial of service attacks in third party and open source used in the product for various functions. See full list below. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-36054 DESCRIPTION: MIT Kerberos 5 aka krb5...

9CVSS9.9AI score0.03796EPSS
Exploits1Affected Software1
Rows per page
Query Builder