Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mit vulnerabilities and exploits
(subscribe to this query)
1.9
CVSSv2
CVE-2017-2624
It was found that xorg-x11-server prior to 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is...
X.org Xorg-server
Debian Debian Linux 7.0
7.5
CVSSv2
CVE-2017-12185
xorg-x11-server prior to 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly execute arbitrary code.
Debian Debian Linux 8.0
Debian Debian Linux 9.0
X.org Xorg-server
4
CVSSv2
CVE-2018-5710
An issue exists in MIT Kerberos 5 (aka krb5) up to and including 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the Key Distribution Center (KDC), which allows remote...
Mit Kerberos
5
CVSSv2
CVE-2018-5709
An issue exists in MIT Kerberos 5 (aka krb5) up to and including 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. A...
Mit Kerberos
5
CVSSv2
CVE-2017-17439
In Heimdal up to and including 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation...
Debian Debian Linux 9.0
Heimdal Project Heimdal
7.5
CVSSv2
CVE-2017-15088
plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) up to and including 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote malicious users to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in ...
Mit Kerberos 5
7.5
CVSSv2
CVE-2017-11462
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows malicious users to have unspecified impact via vectors involving automatic deletion of security contexts on error.
Mit Kerberos 5 1.14
Mit Kerberos 5 1.14.1
Mit Kerberos 5 1.14.2
Mit Kerberos 5 1.14.3
Mit Kerberos 5 1.14.4
Mit Kerberos 5 1.14.5
Mit Kerberos 5 1.15
Mit Kerberos 5 1.15.1
Fedoraproject Fedora 26
Fedoraproject Fedora 25
6.8
CVSSv2
CVE-2017-11103
Heimdal prior to 7.4 allows remote malicious users to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained ...
Heimdal Project Heimdal
Freebsd Freebsd -
Samba Samba
Apple Mac Os X
Apple Iphone Os
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4
CVSSv2
CVE-2016-3120
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) prior to 1.13.6 and 1.4.x prior to 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows remote authenticated users ...
Mit Kerberos 5 1.13
Mit Kerberos 5 1.13.1
Mit Kerberos 5 1.13.2
Mit Kerberos 5 1.13.3
Mit Kerberos 5 1.13.4
Mit Kerberos 5 1.13.5
Mit Kerberos 5 1.13.6
Mit Kerberos 5 1.14
Mit Kerberos 5 1.14.1
Mit Kerberos 5 1.14.2
8.5
CVSSv2
CVE-2015-2698
The iakerb_gss_export_sec_context function in lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) 1.14 pre-release 2015-09-14 improperly accesses a certain pointer, which allows remote authenticated users to cause a denial of service (memory corruption) or possibly have unspeci...
Mit Kerberos 5 1.14
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »