Known Vulnerabilities for products from Mit
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Mit".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs; each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-39975 | kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user... | 8.8 - HIGH | 2023-08-16 | 2024-02-01 |
| CVE-2023-36054 | lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. ... | 6.5 - MEDIUM | 2023-08-07 | 2023-11-15 |
| CVE-2022-42898 | PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote... | 8.8 - HIGH | 2022-12-25 | 2023-10-08 |
| CVE-2022-39028 | telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0x... | 7.5 - HIGH | 2022-08-30 | 2023-09-27 |
| CVE-2021-37750 | The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dere... | 6.5 - MEDIUM | 2021-08-23 | 2023-11-07 |
| CVE-2021-36222 | ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x ... | 7.5 - HIGH | 2021-07-22 | 2021-11-28 |
| CVE-2021-32471 | Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users t... | 7.8 - HIGH | 2021-05-10 | 2021-05-19 |
| CVE-2020-28196 | MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos mes... | 7.5 - HIGH | 2020-11-06 | 2023-11-07 |
| CVE-2020-27428 | A DOM-based cross-site scripting (XSS) vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web... | 6.1 - MEDIUM | 2022-01-06 | 2022-01-12 |
| CVE-2020-14000 | MIT Lifelong Kindergarten Scratch scratch-vm before 0.2.0-prerelease.20200714185213 loads extension URLs from untrusted proje... | 9.8 - CRITICAL | 2020-07-16 | 2020-07-24 |
| CVE-2020-7750 | This affects the package scratch-svg-renderer before 0.2.0-prerelease.20201019174008. The loadString function does not escape... | 9.6 - CRITICAL | 2020-10-21 | 2020-12-02 |
| CVE-2019-25018 | In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filenam... | 7.5 - HIGH | 2021-02-02 | 2021-07-21 |
| CVE-2019-25017 | An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the... | 5.9 - MEDIUM | 2021-02-02 | 2021-07-21 |
| CVE-2019-14844 | A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the K... | 7.5 - HIGH | 2019-09-26 | 2023-02-12 |
| CVE-2018-20217 | A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a k... | 5.3 - MEDIUM | 2018-12-26 | 2023-11-07 |
| CVE-2018-5730 | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circum... | 3.8 - LOW | 2018-03-06 | 2023-11-07 |
| CVE-2018-5729 | MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause ... | 4.7 - MEDIUM | 2018-03-06 | 2023-11-07 |
| CVE-2018-5710 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" stri... | 6.5 - MEDIUM | 2018-01-16 | 2023-11-07 |
| CVE-2018-5709 | An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil... | 7.5 - HIGH | 2018-01-16 | 2023-11-07 |
| CVE-2017-15088 | plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN)... | 9.8 - CRITICAL | 2017-11-23 | 2021-01-26 |
Known software with vulnerabilities from Mit
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Mit | Cgiemail | - |
| Application | Mit | Kerberos | - |
| Application | Mit | Kerberos 5 | - |
| Application | Mit | Kerberos Ftp Client | - |
| Application | Mit | Pgp Public Key Server | - |
| Application | Mit | Scratch-svg-renderer | 0.1.0 |
| Application | Mit | Scratch-vm | - |