Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
heimdal vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-29485
An issue exists in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows malicious users to bypass network filtering, execute arbitrary code, and obtain sensitive information via DarkLayer Guard threat prevention module.
Heimdalsecurity Thor
9.8
CVSSv3
CVE-2023-29486
An issue exists in Heimdal Thor agent versions 3.4.2 and prior to 3.7.0 on Windows, allows malicious users to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via Next-Gen Antivirus component.
Heimdalsecurity Thor
9.8
CVSSv3
CVE-2022-45141
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting ...
Samba Samba
9.8
CVSSv3
CVE-2022-44640
Heimdal prior to 7.7.1 allows remote malicious users to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).
Heimdal Project Heimdal
Samba Samba
9.8
CVSSv3
CVE-2021-25216
In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if th...
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Isc Bind 9.11.7
Isc Bind 9.11.3
Isc Bind 9.11.6
Isc Bind 9.10.5
Isc Bind 9.11.5
Isc Bind 9.9.3
Isc Bind 9.10.7
Isc Bind 9.11.12
Isc Bind
Isc Bind 9.9.12
Isc Bind 9.9.13
Isc Bind 9.11.8
Isc Bind 9.11.21
Isc Bind 9.11.27
Isc Bind 9.11.29
Isc Bind 9.16.8
Isc Bind 9.16.11
Isc Bind 9.16.13
Siemens Sinec Infrastructure Network Services
Netapp Cloud Backup -
1 Github repository
1 Article
9.8
CVSSv3
CVE-2004-0434
k5admind (kadmind) for Heimdal allows remote malicious users to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.
Heimdal Project Heimdal
Debian Debian Linux 3.0
9.1
CVSSv3
CVE-2023-29487
An issue exists in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows malicious users to cause a denial of service (DoS) via the Threat To Process Correlation threat prevention module.
Heimdalsecurity Thor
9.1
CVSSv3
CVE-2019-8351
Heimdal Thor Agent 2.5.17x prior to 2.5.173 does not verify X.509 certificates from TLS servers, which allows remote malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Heimdalsecurity Thor 2.5.170
Heimdalsecurity Thor 2.5.171
Heimdalsecurity Thor 2.5.172
8.8
CVSSv3
CVE-2022-42898
PAC parsing in MIT Kerberos 5 (aka krb5) prior to 1.19.4 and 1.20.x prior to 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and...
Mit Kerberos 5
Mit Kerberos 5 1.20
Heimdal Project Heimdal
Samba Samba
8.1
CVSSv3
CVE-2017-11103
Heimdal prior to 7.4 allows remote malicious users to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In _krb5_extract_ticket() the KDC-REP service name must be obtained ...
Heimdal Project Heimdal
Freebsd Freebsd -
Samba Samba
Apple Mac Os X
Apple Iphone Os
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »