Lucene search
K

18 matches found

OSV
OSV
added 2025/12/16 4:16 p.m.11 views

AZL-72637 CVE-2025-68284 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handleauthsessionkey The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes when decrypting the...

5.8AI score0.00173EPSS
Exploits0References1
OSV
OSV
added 2025/12/16 4:16 p.m.3 views

UBUNTU-CVE-2025-68284

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handleauthsessionkey The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes when decrypting the...

5.9AI score0.00173EPSS
Exploits0References35
CVE
CVE
added 2025/12/16 3:6 p.m.19 views

CVE-2025-68284

CVE-2025-68284 concerns the Linux kernel/libceph: the issue arises from handling the authentication session key where the len field comes from untrusted network packets. The patch adds boundary checks to prevent potential out-of-bounds writes when decrypting the connection secret or processing se...

6.2AI score0.00173EPSS
Exploits0References6
OSV
OSV
added 2025/12/16 3:6 p.m.5 views

CVE-2025-68284 libceph: prevent potential out-of-bounds writes in handle_auth_session_key()

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handleauthsessionkey The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes when decrypting the...

6.5AI score0.00173EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/11/27 12:0 a.m.4 views

PT-2025-51688

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the libceph component, specifically in the handle auth session key function. This issue could lead to potential out-of-bounds writes due to...

6CVSS5.4AI score0.00173EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-0069

Malware in sbrugna...

7.2CVSS6.2AI score0.01573EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-34335

Malicious code in bioql PyPI...

8.8CVSS6.8AI score0.00965EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-19814

Malicious code in bioql PyPI...

9.6CVSS9.3AI score0.01262EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-21326

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI befor...

7.7CVSS6.7AI score0.0138EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/04 11:51 p.m.6 views

CVE-2024-22245

Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in EAP could allow a malicious actor that could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary...

9.6CVSS7.3AI score0.01262EPSS
Exploits0References1
Gitee
Gitee
added 2024/03/05 12:41 p.m.46 views

Exploit for CVE-2021-42278

This is a PoC exploit for CVE-2021-42278 and CVE-2021-42287, which are two vulnerabilities in the Windows operating system that allow an attacker to impersonate a Domain Administrator DA from a standard domain user. The exploit uses the Impacket library to interact with the Windows Domain...

8.8CVSS7.4AI score0.74265EPSS
Exploits10
Kitploit
Kitploit
added 2020/09/15 11:30 a.m.142 views

Rbcd-Attack - Kerberos Resource-Based Constrained Delegation Attack From Outside Using Impacket

Abusing Kerberos Resource-Based Constrained Delegation TL;DR This repo is about a practical attack against Kerberos Resource-Based Constrained Delegation in a Windows Active Directory Domain. The difference from other common implementations is that we are launching the attack from outside of the...

7.4AI score
Exploits0References7
Prion
Prion
added 2020/06/03 2:15 p.m.4 views

Default credentials

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Red Hat Product Security does not consider this as a security flaw. Password changes aren't expected to...

7AI score
Exploits0
CVE
CVE
added 2020/06/03 1:49 p.m.30 views

CVE-2020-1703

CVE-2020-1703 entry is rejected and does not represent an active vulnerability.

6.8AI score
Exploits0
NVD
NVD
added 2011/02/10 4:0 p.m.23 views

CVE-2011-0043

Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability."...

7.2CVSS6.3AI score0.01573EPSS
Exploits0References9
Prion
Prion
added 2011/02/10 4:0 p.m.23 views

Design/Logic Flaw

Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability."...

7.2CVSS6.9AI score0.01573EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2011/02/10 3:0 p.m.29 views

CVE-2011-0043

Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability."...

6.3AI score0.01573EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2010/08/19 12:0 a.m.22 views

phpCAS Session Hijacking and Cross-Site Scripting Vulnerabilities

This host is installed with phpCAS and is prone to session hijacking and cross-site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbphpcassessionhijacknxssvuln.nasl 7823 2017-11-20 08:54:04Z cfischer $ phpCAS Session Hijacking and Cross-Site Scripting Vulnerabilities Authors: Madhuri...

4CVSS0.3AI score0.02517EPSS
Exploits0References4
Rows per page
Query Builder