Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-18
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-2696 5 Canonical, Debian, Mit and 2 more 8 Ubuntu Linux, Debian Linux, Kerberos 5 and 5 more 2021-02-02 7.1 HIGH N/A
lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call.
CVE-2019-7263 1 Nortekcontrol 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more 2019-07-03 10.0 HIGH 9.8 CRITICAL
Linear eMerge E3-Series devices have a Version Control Failure.
CVE-2016-7429 1 Ntp 1 Ntp 2018-01-04 4.3 MEDIUM 3.7 LOW
NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface the source does not use.
CVE-2014-8994 1 Check Diskio Project 1 Check Diskio 2017-09-07 3.6 LOW N/A
The check_diskio plugin 3.2.6 and earlier for Nagios and Icinga allows local users to write to arbitrary files via a symlink attack on a temporary file with a predictable name (tmp/check_diskio_status-*-*).
CVE-2015-7262 1 Qnap 2 Iartist Lite, Signage Station 2016-03-11 8.5 HIGH 7.5 HIGH
QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, allows remote authenticated users to gain privileges by registering an executable file, and then waiting for this file to be run in a privileged context after a reboot.
CVE-2015-0962 1 Barracuda 1 Web Filter 2015-05-27 4.3 MEDIUM N/A
Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL Inspection is enabled, uses the same root Certification Authority certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.