Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
heimdal vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-41916
Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions before 7.7.1 are vulnerable to a denial of service vulnerability in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applica...
Heimdal Project Heimdal
Debian Debian Linux 10.0
Debian Debian Linux 11.0
7.8
CVSSv3
CVE-2022-24618
Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and previous versions has insecure permissions, which allows unprivileged local users to elevate privileges to SYSTEM via the "Browse For Folder" window accessible by triggering a "Repair" on the...
Heimdalsecurity Heimdal Premium Security
6.5
CVSSv3
CVE-2021-3671
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.
Samba Samba
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Management Services For Element Software -
Netapp Management Services For Netapp Hci -
9.8
CVSSv3
CVE-2021-25216
In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if th...
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.10.5
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.10.7
Isc Bind 9.11.12
Isc Bind
Isc Bind 9.9.12
Isc Bind 9.9.13
Isc Bind 9.11.8
Isc Bind 9.11.21
Isc Bind 9.11.27
Isc Bind 9.11.29
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.16.13
Siemens Sinec Infrastructure Network Services
Netapp Cloud Backup -
1 Github repository
1 Article
5.4
CVSSv3
CVE-2019-14870
All Samba versions 4.x.x prior to 4.9.17, 4.10.x prior to 4.10.11 and 4.11.x prior to 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in any way, either S4U2Self o...
Samba Samba
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
7.5
CVSSv3
CVE-2018-16860
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the middle attacker could use this flaw to intercept the request to the KDC and ...
Samba Samba
Heimdal Project Heimdal
7.4
CVSSv3
CVE-2019-12098
In the client side of Heimdal prior to 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.
Heimdal Project Heimdal
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Debian Debian Linux 9.0
9.1
CVSSv3
CVE-2019-8351
Heimdal Thor Agent 2.5.17x prior to 2.5.173 does not verify X.509 certificates from TLS servers, which allows remote malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Heimdalsecurity Thor 2.5.170
Heimdalsecurity Thor 2.5.171
Heimdalsecurity Thor 2.5.172
7.8
CVSSv3
CVE-2018-5349
A vulnerability has been found in Heimdal PRO v2.2.190, but it is most likely also present in Heimdal FREE and Heimdal CORP. Faulty permissions on the directory "C:\ProgramData\Heimdal Security\Heimdal Agent" allow BUILTIN\Users to write new files to the directory. On s...
Heimdalsecurity Heimdal 2.2.190
7
CVSSv3
CVE-2018-5731
An issue exists in Heimdal PRO 2.2.190. As part of the scanning feature, a process called md.hs writes an executable called CS1.tmp to C:\windows\TEMP. Afterwards the executable is run. It is possible for an malicious user to create the file first, let md.hs overwrite it, and the...
Heimdalsecurity Heimdal 2.2.190
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »