MIT
160 tracked vulnerabilities.
CVE-2018-5710
MEDIUM
MIT Kerberos < 5-1.16 - Authenticated Denial of Service via NULL Pointer Dereference in KDC
Jan 16, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-5709
HIGH
MIT Kerberos <1.16 - Info Disclosure
Jan 16, 2018
CVSS 7.5
EPSS 0.01
CVE-2017-7562
MEDIUM
Red Hat Enterprise Linux - Authentication Bypass via Improper Certificate Validation
Jul 26, 2018
CVSS 6.5
EPSS 0.00
CVE-2017-15088
CRITICAL
MIT Kerberos 5 < 1.15.2 - Remote Code Execution via DN Field Buffer Overflow
Nov 23, 2017
CVSS 9.8
EPSS 0.04
CVE-2017-11462
CRITICAL
MIT Kerberos 5 - Double Free via Security Context Deletion on Error
Sep 13, 2017
CVSS 9.8
EPSS 0.01
CVE-2017-11368
MEDIUM
Fedora - Reachable Assertion
Aug 09, 2017
CVSS 6.5
EPSS 0.01
CVE-2016-3120
MEDIUM
MIT Kerberos 5 < 1.13.6 and 1.14.x < 1.14.3 - Authenticated Denial of Service via S4U2Self Request
Aug 01, 2016
CVSS 6.5
EPSS 0.03
CVE-2016-3119
MEDIUM
openSUSE Leap - Denial of Service
Mar 26, 2016
CVSS 5.3
EPSS 0.09
CVE-2015-8631
MEDIUM
MIT Kerberos 5 < 1.13.4 and 1.14.x < 1.14.1 - Authenticated Denial of Service via NULL Principal Name Request
Feb 13, 2016
CVSS 6.5
EPSS 0.02
CVE-2015-8630
HIGH
MIT Kerberos 5 < 1.13.4/1.14.1 Authenticated DoS via KADM5_POLICY NULL Policy
Feb 13, 2016
CVSS 7.5
EPSS 0.03
CVE-2015-8629
MEDIUM
MIT Kerberos 5 < 1.13.4 and 1.14.x < 1.14.1 - Authenticated Out-of-bounds Read in kadmind xdr_nullstring
Feb 13, 2016
CVSS 5.3
EPSS 0.02
CVE-2015-2698
MIT Kerberos 5 1.14 pre-release 2015-09-14 - Authenticated Memory Corruption via gss_export_sec_context Function
Nov 13, 2015
EPSS 0.01
CVE-2015-2697
MIT Kerberos 5 < 1.14 - Authenticated Denial of Service via TGS Request Realm Field
Nov 09, 2015
EPSS 0.05
CVE-2015-2696
MIT Kerberos 5 < 1.14 - Denial of Service via IAKERB Packet Mishandling
Nov 09, 2015
EPSS 0.11
CVE-2015-2695
MIT Kerberos 5 < 1.14 - Denial of Service via SPNEGO Packet Mishandling
Nov 09, 2015
EPSS 0.05
CVE-2015-2694
MIT Kerberos 5 1.12.x-1.13.x - Preauthentication Bypass via Zero Bytes or Arbitrary Realm
May 25, 2015
EPSS 0.01
CVE-2014-5355
MIT Kerberos 5 through 1.13.1 - Denial of Service via Malformed krb5_read_message Data Field
Feb 20, 2015
EPSS 0.08
CVE-2014-9423
MIT Kerberos 5 < 1.13.1 - Uninitialized Memory Exposure via svcauth_gss_accept_sec_context
Feb 19, 2015
EPSS 0.02
CVE-2014-9422
MIT Kerberos 5 <= 1.11.5, 1.12.x <= 1.12.2, 1.13.x < 1.13.1 - Authenticated Authorization Bypass via kadmind Principal
Feb 19, 2015
EPSS 0.01
CVE-2014-9421
MIT Kerberos 5 <= 1.11.5, 1.12.x <= 1.12.2, 1.13.x < 1.13.1 - Authenticated Denial of Service via Malformed XDR Data
Feb 19, 2015
EPSS 0.05
CVE-2014-5352
MIT Kerberos 5 Use-After-Free in GSSAPI Context Token Processing
Feb 19, 2015
EPSS 0.05
CVE-2014-5354
MIT Kerberos 1.12.x and 1.13.x < 1.13.1 - Authenticated Denial of Service via Keyless Principal Creation
Dec 16, 2014
EPSS 0.01
CVE-2014-5353
MIT Kerberos 5 < 1.13.1 - Authenticated Denial of Service via LDAP Password Policy Query
Dec 16, 2014
EPSS 0.01
CVE-2014-5351
MIT Kerberos 5 - Authenticated Ticket Forgery via kadm5_randkey_principal_3 Old Key Exposure
Oct 10, 2014
EPSS 0.00
CVE-2014-4345
MIT Kerberos 5 <1.11.6, <1.12.2 - Buffer Overflow
Aug 14, 2014
EPSS 0.11