Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kerberos vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv2
CVE-2014-0643
EMC RSA NetWitness prior to 9.8.5.19 and RSA Security Analytics prior to 10.2.4 and 10.3.x prior to 10.3.2, when Kerberos PAM is enabled, do not require a password, which allows remote malicious users to bypass authentication by leveraging knowledge of a valid account name.
Emc Rsa Netwitness
Emc Rsa Security Analytics
7.6
CVSSv2
CVE-2011-0284
Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 up to and including 1.9, when the PKINIT feature is enabled, allows remote malicious users to cause a denial of service (daemon crash) o...
Mit Kerberos 5 1.7.1
Mit Kerberos 5 1.8
Mit Kerberos 5 1.9
Mit Kerberos 5 1.8.1
Mit Kerberos 5 1.8.2
Mit Kerberos 5 1.8.3
Mit Kerberos 5 1.7
7.6
CVSSv2
CVE-2010-3570
Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors.
Sun Jre 1.6.0
Sun Jre
Sun Jdk 1.6.0
Sun Jdk
7.5
CVSSv2
CVE-2021-31962
Kerberos AppContainer Security Feature Bypass Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows Server 2008 Sp2
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows Server 2016 2004
Microsoft Windows 10 20h2
Microsoft Windows Server 2016 20h2
Microsoft Windows 10 21h1
7.5
CVSSv2
CVE-2021-3517
There is a flaw in the xml entity encoding functionality of libxml2 in versions prior to 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most like...
Xmlsoft Libxml2
Redhat Jboss Core Services -
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp E-series Santricity Storage Manager -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Snapdrive -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp Manageability Software Development Kit -
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Os Controller
Netapp Hci H410c Firmware -
7.5
CVSSv2
CVE-2021-23008
On version 15.1.x prior to 15.1.3, 14.1.x prior to 14.1.4, 13.1.x prior to 13.1.4, 12.1.x prior to 12.1.6, and all versions of 16.0.x and 11.6.x., BIG-IP APM AD (Active Directory) authentication can be bypassed via a spoofed AS-REP (Kerberos Authentication Service Response) respo...
7.5
CVSSv2
CVE-2020-3187
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to conduct directory traversal attacks and obtain read and delete access to se...
Cisco Firepower Threat Defense
Cisco Asa 5505 Firmware 9.6\\(4\\)
Cisco Asa 5510 Firmware 9.6\\(4\\)
Cisco Asa 5512-x Firmware 9.6\\(4\\)
Cisco Asa 5515-x Firmware 9.6\\(4\\)
Cisco Asa 5520 Firmware 9.6\\(4\\)
Cisco Asa 5525-x Firmware 9.6\\(4\\)
Cisco Asa 5540 Firmware 9.6\\(4\\)
Cisco Asa 5545-x Firmware 9.6\\(4\\)
Cisco Asa 5550 Firmware 9.6\\(4\\)
Cisco Asa 5555-x Firmware 9.6\\(4\\)
Cisco Asa 5580 Firmware 9.6\\(4\\)
Cisco Asa 5585-x Firmware 9.6\\(4\\)
Cisco Adaptive Security Appliance Software
2 Github repositories
1 Article
7.5
CVSSv2
CVE-2020-10595
pam-krb5 prior to 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to...
Pam-krb5 Project Pam-krb5
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2014-8650
python-requests-Kerberos up to and including 0.5 does not handle mutual authentication
Requests-kerberos Project Requests-kerberos
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2019-5481
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
Haxx Curl
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Netapp Cloud Backup -
Netapp Steelstore -
Netapp Solidfire Baseboard Management Controller Firmware -
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Oss Support Tools 20.0
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.1
Oracle Communications Operations Monitor 4.3
Oracle Communications Session Border Controller 8.3
Oracle Communications Session Border Controller 8.4
Oracle Mysql Server
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.0
Opensuse Leap 15.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »