CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

326 matches found

OSV•added 2026/05/22 12:46 p.m.•3 views

ROOT-APP-GOBINARY-CVE-2026-32952 CVE-2026-32952 in rootio-github.com/Azure/go-ntlmssp - Patched by Root

Root has patched CVE-2026-32952 in the rootio-github.com/Azure/go-ntlmssp package for Root:Go. Multiple fixed versions available...

5.3CVSS5.8AI score0.0007EPSS

Exploits0

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в wireshark

The NTLMSSP dissector crash in Wireshark versions 4.2.0 to 4.0.6, as well as 4.0.0 to 4.0.16, allows for denial of service through packet injection or malicious capture files...

7.8CVSS6.7AI score0.00032EPSS

Exploits1References2

Tenable Nessus•added 2026/04/27 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-32952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can causes an slice...

7.5CVSS5.8AI score0.0007EPSS

Exploits0References3

Snyk•added 2026/04/24 4:20 a.m.•3 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the ntlmssp.Negotiator process. An attacker can cause a panic and crash the application by sending a specially crafted NTLM challenge message. Remediation Upgrade github.com/Azure/go-ntlmssp to version...

7.5CVSS5.8AI score0.0007EPSS

Exploits0References2

NVD•added 2026/04/24 3:16 a.m.•3 views

CVE-2026-32952

go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can causes an slice out of bounds panic, which can crash any Go process using ntlmssp.Negotiator as an HTTP transport. Version 0.1.1 patches the issue...

7.5CVSS0.0007EPSS

Exploits0References2

AlpineLinux•added 2026/04/24 1:46 a.m.•2 views

CVE-2026-32952

7.5CVSS5.8AI score0.0007EPSS

Exploits0

CVE•added 2026/04/24 1:46 a.m.•14 views

CVE-2026-32952

CVE-2026-32952 affects the Go package go-ntlmssp. Before version 0.1.1, a malformed NTLM challenge message can trigger a slice-out-of-bounds panic in ntlmssp.Negotiator when used as an HTTP transport, potentially crashing the Go process. The issue is fixed in version 0.1.1. Affected components ar...

7.5CVSS5.7AI score0.0007EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/04/24 1:46 a.m.•4 views

CVE-2026-32952 go-ntlmssp NTLM challenges can panic on malformed payloads

5.3CVSS5.2AI score0.0007EPSS

Exploits0References2

UbuntuCve•added 2026/04/24 12:0 a.m.•3 views

CVE-2026-32952

7.5CVSS5.8AI score0.0007EPSS

Exploits0References1

Github Security Blog•added 2026/04/23 9:21 p.m.•8 views

go-ntlmssp NTLM challenges can panic on malformed payloads

7.5CVSS5.2AI score0.0007EPSS

Exploits0References4Affected Software1

OSV•added 2026/04/01 10:36 a.m.•4 views

CLSA-2026-1775039763 wireshark: Fix of 11 CVEs

CVE-2023-6175: fix heap buffer overflow in NetScreen file parser - CVE-2024-0208: fix crash in GVCP dissector due to NULL string - CVE-2024-0209: fix uncontrolled recursion in ASN.1 dissectors - CVE-2024-0211: fix infinite loop in DOCSIS dissector - CVE-2024-2955: fix use-after-free in T.38...

7.8CVSS6AI score0.02747EPSS

Exploits7References1

OSV•added 2026/04/01 8:42 a.m.•3 views

CLSA-2026-1775032927 wireshark: Fix of 11 CVEs

7.8CVSS6.9AI score0.02747EPSS

Exploits7References1

OSV•added 2025/12/01 1:2 p.m.•3 views

ROOT-OS-UBUNTU-2204-CVE-2023-25563 CVE-2023-25563 in rootio-gss-ntlmssp - Patched by Root

Root has patched CVE-2023-25563 in the rootio-gss-ntlmssp package for Root:Ubuntu:22.04. Multiple fixed versions available...

7.5CVSS5.4AI score0.00271EPSS

Exploits0

OSV•added 2025/11/28 9:43 a.m.•2 views