5 matches found
CVE-2024-38827
The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly...
CVE-2024-38827
CVE-2024-38827 (IBM Controller) is described as a locale-dependent issue in String.toLowerCase()/toUpperCase() that could cause authorization rules to be bypassed. Affected product/version: IBM Controller 11.1.0–11.1.1. Remediation: upgrade to IBM Controller 11.1.2 (per IBM bulletin). Connected docs p...
PT-2022-36680 · Git +1 · Fluent-Bit
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read, which was identified through an OSS-Fuzz report. The crash state involves several functions, includi...
Null pointer dereference
The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, relate...
CVE-2011-1527
The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, relate...