Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

80019 matches found

NVD
NVDadded 2026/04/28 10:16 a.m.4 views

CVE-2025-48431

Mismatched Memory Management Routines vulnerability in Apache Thrift cglib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue. Description: Specially crafted requests can crash an cglib-based Thrift server...

7.5CVSS0.0066EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/28 9:11 a.m.38 views

CVE-2025-48431 Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid pointer error.

Mismatched Memory Management Routines vulnerability in Apache Thrift cglib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue. Description: Specially crafted requests can crash an cglib-based Thrift server...

0.0066EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/28 9:11 a.m.4 views

EUVD-2025-209581

Mismatched Memory Management Routines vulnerability in Apache Thrift cglib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue. Description: Specially crafted requests can crash an cglib-based Thrift server...

7.5CVSS5.3AI score0.0066EPSS
Exploits0References1
CVE
CVEadded 2026/04/28 9:11 a.m.12 views

CVE-2025-48431

The CVE-2025-48431 affects Apache Thrift c_glib bindings (c_glib language bindings) prior to 0.23.0. The issue is a Mismatched Memory Management Routines vulnerability that can cause a crash in a c_glib-based Thrift server via specially crafted requests, producing a fatal "+free(): invalid pointe...

7.5CVSS5.3AI score0.0066EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVEadded 2026/04/28 8:54 a.m.4 views

CVE-2026-40355

A flaw was found in MIT Kerberos 5 krb5. An unauthenticated remote attacker can exploit a NULL pointer dereference vulnerability by calling gssacceptseccontext on a system with a NegoEx mechanism registered. This can lead to the termination of the process, resulting in a Denial of Service DoS...

5.9CVSS5.7AI score0.00461EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2026/04/28 6:49 a.m.4 views

freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()

A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0...

7.5CVSS5.3AI score0.00467EPSS
Exploits0References6
NVD
NVDadded 2026/04/28 6:16 a.m.3 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS0.00461EPSS
Exploits0References3
OSV
OSVadded 2026/04/28 6:16 a.m.8 views

DEBIAN-CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.5AI score0.00461EPSS
Exploits0References1
OSV
OSVadded 2026/04/28 6:16 a.m.6 views

UBUNTU-CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.8AI score0.00461EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/28 12:0 a.m.6 views

PT-2026-35743

An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering,...

5.3CVSS5.4AI score0.00236EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/04/28 12:0 a.m.29 views

CVE-2025-60887

An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering,...

5.3CVSS0.00236EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/28 12:0 a.m.27 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS0.00461EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/28 12:0 a.m.3 views

EUVD-2025-209582

An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering,...

5.3CVSS5.4AI score0.00236EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/28 12:0 a.m.4 views

PT-2026-35698

Mismatched Memory Management Routines vulnerability in Apache Thrift c glib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue. Description: Specially crafted requests can crash an c glib-based Thrift serve...

7.5CVSS5.3AI score0.0066EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/04/28 12:0 a.m.3 views

CVE-2025-60887

An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering,...

5.3CVSS5.4AI score0.00236EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/04/28 12:0 a.m.6 views

MIT Kerberos 代码问题漏洞

MIT Kerberos is a software used by the Massachusetts Institute of Technology MIT for authentication in network clusters. As a network authentication protocol, its design goal is to provide robust authentication services for client/server applications through a key system. Prior to version 5.1.2.3...

5.9CVSS5.9AI score0.00461EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/04/28 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31457

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/sysfs: check contexts-nr in repeatcallfn damonsysfsrepeatcallfn calls damonsysfsupdtunedintervals, damonsysfsupdschemesstats, and...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2026/04/28 12:0 a.m.6 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.8AI score0.00461EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/28 12:0 a.m.5 views

CVE-2026-40355

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.4AI score0.00461EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/28 12:0 a.m.6 views

EUVD-2026-25981

In MIT Kerberos 5 aka krb5 before 1.22.3, there is a NULL pointer dereference if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parsenegomessage...

5.9CVSS5.5AI score0.00461EPSS
Exploits0References3
Rows per page
Query Builder