18 matches found
AZL-72637 CVE-2025-68284 affecting package kernel for versions less than 6.6.119.3-1
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handleauthsessionkey The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes when decrypting the...
UBUNTU-CVE-2025-68284
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handleauthsessionkey The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes when decrypting the...
CVE-2025-68284
CVE-2025-68284 concerns the Linux kernel/libceph: the issue arises from handling the authentication session key where the len field comes from untrusted network packets. The patch adds boundary checks to prevent potential out-of-bounds writes when decrypting the connection secret or processing se...
CVE-2025-68284 libceph: prevent potential out-of-bounds writes in handle_auth_session_key()
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds writes in handleauthsessionkey The len field originates from untrusted network packets. Boundary checks have been added to prevent potential out-of-bounds writes when decrypting the...
PT-2025-51688
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the libceph component, specifically in the handle auth session key function. This issue could lead to potential out-of-bounds writes due to...
EUVD-2011-0069
Malware in sbrugna...
EUVD-2022-34335
Malicious code in bioql PyPI...
EUVD-2024-19814
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-21326
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI befor...
CVE-2024-22245
Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in EAP could allow a malicious actor that could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary...
Exploit for CVE-2021-42278
This is a PoC exploit for CVE-2021-42278 and CVE-2021-42287, which are two vulnerabilities in the Windows operating system that allow an attacker to impersonate a Domain Administrator DA from a standard domain user. The exploit uses the Impacket library to interact with the Windows Domain...
Rbcd-Attack - Kerberos Resource-Based Constrained Delegation Attack From Outside Using Impacket
Abusing Kerberos Resource-Based Constrained Delegation TL;DR This repo is about a practical attack against Kerberos Resource-Based Constrained Delegation in a Windows Active Directory Domain. The difference from other common implementations is that we are launching the attack from outside of the...
Default credentials
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Red Hat Product Security does not consider this as a security flaw. Password changes aren't expected to...
CVE-2020-1703
CVE-2020-1703 entry is rejected and does not represent an active vulnerability.
CVE-2011-0043
Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability."...
Design/Logic Flaw
Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability."...
CVE-2011-0043
Kerberos in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 supports weak hashing algorithms, which allows local users to gain privileges by operating a service that sends crafted service tickets, as demonstrated by the CRC32 algorithm, aka "Kerberos Unkeyed Checksum Vulnerability."...
phpCAS Session Hijacking and Cross-Site Scripting Vulnerabilities
This host is installed with phpCAS and is prone to session hijacking and cross-site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbphpcassessionhijacknxssvuln.nasl 7823 2017-11-20 08:54:04Z cfischer $ phpCAS Session Hijacking and Cross-Site Scripting Vulnerabilities Authors: Madhuri...