Known Vulnerabilities for products from Heimdal Project
Listed below are 13 of the newest known vulnerabilities associated with the vendor "Heimdal Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-45142 json | The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" c... | 7.5 - HIGH | 2023-03-06 | 2023-10-08 |
| CVE-2022-44640 json | Heimdal before 7.7.1 allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by ... | 9.8 - CRITICAL | 2022-12-25 | 2023-10-08 |
| CVE-2022-42898 json | PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote... | 8.8 - HIGH | 2022-12-25 | 2023-10-08 |
| CVE-2022-41916 json | Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. Versions prior to 7.7.1 are vulnerable to a denial of service ... | 7.5 - HIGH | 2022-11-15 | 2023-10-08 |
| CVE-2022-3116 json | The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access t... | 7.5 - HIGH | 2023-03-27 | 2023-05-05 |
| CVE-2021-44758 json | Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of G... | 7.5 - HIGH | 2022-12-26 | 2023-10-08 |
| CVE-2019-12098 json | In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the... | Not Provided | 2019-05-15 | 2026-04-15 |
| CVE-2018-16860 json | A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 ... | 7.5 - HIGH | 2019-07-31 | 2019-08-14 |
| CVE-2017-17439 json | In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing... | 7.5 - HIGH | 2017-12-06 | 2017-12-30 |
| CVE-2017-11103 json | Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-prin... | 8.1 - HIGH | 2017-07-13 | 2020-08-18 |
| CVE-2017-6594 json | The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism... | 7.5 - HIGH | 2017-08-28 | 2021-08-12 |
| CVE-2011-4862 json | Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-a... | 10 - HIGH | 2011-12-25 | 2021-02-09 |
| CVE-2004-0434 json | k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administratio... | Not Provided | 2004-07-07 | 2025-04-03 |
Known software with vulnerabilities from Heimdal Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Heimdal Project | Heimdal | 0.0j |