SUSE CVE-2026-31610

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc The kernel ASN.1 BER decoder calls action callbacks incrementally as it walks the input. When ksmbddecodenegTokenInit reaches the mechToken 2 OCTET STRING...

CVE-2025-54895 SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Elevation of Privilege Vulnerability

...

PT-2025-36861

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: An integer overflow or wraparound in Windows SPNEGO Extended Negotiation can allow an authorized attacker to elevate privileges locally. This issue allows attackers to affect the system...

SelectiveShield: Lightweight Hybrid Defense against Gradient Leakage in Federated Learning

Federated Learning FL enables collaborative model training on decentralized data but remains vulnerable to gradient leakage attacks that can reconstruct sensitive user information. Existing defense mechanisms, such as differential privacy DP and homomorphic encryption HE, often introduce a...

CLSA-2021-1632261610 Fix of CVE: CVE-2020-8625

Fix buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation CVE-2020-8625...

Cisco Wide Area Application Services (WAAS) SMB Handling Remote Denial of Service Vulnerability

Cisco Wide Area Application Services is a comprehensive WAN optimization solution that improves application performance in WAN environments, delivers video to branch offices and locally hosts branch office IT services. A security vulnerability exists in Cisco Wide Area Application Services that...

STunnel 3.x Client Negotiation Protocol Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3748/info Stunnel is a freely available, open source cryptography wrapper. It is designed to wrap arbitrary protocols that may or may not support cryptography. It is maintained by the Stunnel project. Stunnel does not...

PT-2013-1683 · Elinks +3 · Elinks +3

Name of the Vulnerable Software and Affected Versions: ELinks versions prior to 0.12pre6 Description: The issue concerns the delegation of user credentials through GSSAPI when using HTTP Negotiate or GSS-Negotiate authentication. This allows remote servers to authenticate as the client via the...

Microsoft Windows SMB2 Negotiation Protocol RCE Vulnerability

This host is missing a critical security update according to Microsoft Bulletin MS09-050. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...