Lucene search
K

63130 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-40355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism...

5.9CVSS5.9AI score0.00461EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/28 6:35 p.m.6 views

CVE-2026-31256

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://:554/stream1/track2, the device fails to properly validate the Transport header field. When this header is...

7.5CVSS5.3AI score0.00407EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/28 8:54 a.m.5 views

CVE-2026-40355

A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit a NULL pointer dereference vulnerability by calling gssacceptseccontext on a system with a NegoEx mechanism registered. This can lead to the termination of the process, resulting in a Denial of Service DoS...

5.9CVSS5.7AI score0.00461EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/28 6:49 a.m.5 views

freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()

A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...

7.5CVSS5.3AI score0.00467EPSS
Exploits0References6
NVD
NVD
added 2026/04/28 6:16 a.m.3 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS0.00461EPSS
Exploits0References3
OSV
OSV
added 2026/04/28 6:16 a.m.8 views

DEBIAN-CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.5AI score0.00461EPSS
Exploits0References1
OSV
OSV
added 2026/04/28 6:16 a.m.7 views

UBUNTU-CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.8AI score0.00461EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/28 12:0 a.m.28 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS0.00461EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.8 views

Juniper Junos OS Multiple Vulnerabilities (JSA82973)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA82973 advisory. - Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root...

7.8CVSS7.3AI score0.40002EPSS
Exploits10References14
UbuntuCve
UbuntuCve
added 2026/04/28 12:0 a.m.6 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.8AI score0.00461EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.7 views

MIT Kerberos 代码问题漏洞

MIT Kerberos is a software used by the Massachusetts Institute of Technology MIT for authentication in network clusters. As a network authentication protocol, its design goal is to provide robust authentication services for client/server applications through a key system. Prior to version 5.1.2.3...

5.9CVSS5.9AI score0.00461EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/28 12:0 a.m.6 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.4AI score0.00461EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/28 12:0 a.m.7 views

EUVD-2026-25981

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.5AI score0.00461EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/28 12:0 a.m.4 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.4AI score0.00461EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/04/28 12:0 a.m.4 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.5AI score0.00461EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31457

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/sysfs: check contexts-nr in repeatcallfn damonsysfsrepeatcallfn calls damonsysfsupdtunedintervals, damonsysfsupdschemesstats, and...

5.5CVSS6AI score0.00121EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/28 12:0 a.m.5 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the parsenegomessage function when the NegoEx mechanism is registered in the system's GSSAPI configuration. An attacker can cause the process to terminate by sending specially crafted requests remotely...

8.7CVSS5.8AI score0.00461EPSS
Exploits0References2
NVD
NVD
added 2026/04/27 7:16 p.m.4 views

CVE-2026-31256

A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931n. During the processing of a SETUP request for the path rtsp://:554/stream1/track2, the device fails to properly validate the Transport header field. When this header is...

7.5CVSS0.00407EPSS
Exploits1References1
OSV
OSV
added 2026/04/27 6:33 p.m.10 views

JLSEC-2026-273

Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application...

7.5CVSS6.1AI score0.00885EPSS
Exploits0References6
OSV
OSV
added 2026/04/27 6:33 p.m.11 views

JLSEC-2026-219 Null pointer deference in openssl-src

Server or client applications that call the SSLcheckchain function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signaturealgorithmscert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm i...

7.5CVSS6.2AI score0.53336EPSS
Exploits2References42
Rows per page
Query Builder