Known Vulnerabilities for products from Mit
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Mit".
These CVEs are retrieved from exact matches on listed vendor information (CPE data) and from a keyword search, so that the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed, based on information from known CPEs; each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-37750 | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dere... | 6.5 - MEDIUM | 2021-08-23 | 2023-11-07 |
| CVE-2021-36222 | ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x ... | 7.5 - HIGH | 2021-07-22 | 2021-11-28 |
| CVE-2021-32471 | Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users t... | 7.8 - HIGH | 2021-05-10 | 2021-05-19 |
| CVE-2020-28196 | MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos mes... | 7.5 - HIGH | 2020-11-06 | 2023-11-07 |
| CVE-2020-27428 | A DOM-based cross-site scripting (XSS) vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web... | 6.1 - MEDIUM | 2022-01-06 | 2022-01-12 |
| CVE-2020-14000 | MIT Lifelong Kindergarten Scratch scratch-vm before 0.2.0-prerelease.20200714185213 loads extension URLs from untrusted proje... | 9.8 - CRITICAL | 2020-07-16 | 2020-07-24 |
| CVE-2020-7750 | This affects the package scratch-svg-renderer before 0.2.0-prerelease.20201019174008. The loadString function does not escape... | 9.6 - CRITICAL | 2020-10-21 | 2020-12-02 |
| CVE-2019-25018 | In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filenam... | 7.5 - HIGH | 2021-02-02 | 2021-07-21 |
| CVE-2019-25017 | An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the... | 5.9 - MEDIUM | 2021-02-02 | 2021-07-21 |
| CVE-2019-14844 | A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the K... | 7.5 - HIGH | 2019-09-26 | 2023-02-12 |
| CVE-2018-20217 | A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a k... | 5.3 - MEDIUM | 2018-12-26 | 2023-11-07 |
| CVE-2018-5730 | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circum... | 3.8 - LOW | 2018-03-06 | 2023-11-07 |
| CVE-2018-5729 | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause ... | 4.7 - MEDIUM | 2018-03-06 | 2023-11-07 |
| CVE-2018-5710 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" stri... | 6.5 - MEDIUM | 2018-01-16 | 2023-11-07 |
| CVE-2018-5709 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil... | 7.5 - HIGH | 2018-01-16 | 2023-11-07 |
| CVE-2017-15088 | plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN)... | 9.8 - CRITICAL | 2017-11-23 | 2021-01-26 |
| CVE-2017-11462 | Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving auto... | 9.8 - CRITICAL | 2017-09-13 | 2023-11-07 |
| CVE-2017-11368 | In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4... | 6.5 - MEDIUM | 2017-08-09 | 2023-11-07 |
| CVE-2017-7562 | An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client c... | 6.5 - MEDIUM | 2018-07-26 | 2023-02-12 |
| CVE-2016-3120 | The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.... | 6.5 - MEDIUM | 2016-08-01 | 2023-11-07 |
Known software with vulnerabilities from Mit
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Mit | Cgiemail | - |
| Application | Mit | Kerberos | - |
| Application | Mit | Kerberos 5 | - |
| Application | Mit | Kerberos Ftp Client | - |
| Application | Mit | Pgp Public Key Server | - |
| Application | Mit | Scratch-svg-renderer | 0.1.0 |
| Application | Mit | Scratch-vm | - |