VYPR
Vendor

Gss

Products
2
CVEs
7
Across products
7
Status
Private

Products

2

Recent CVEs

7
  • CVE-2026-4639HigMar 24, 2026
    risk 0.57cvss 8.8epss 0.00

    Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain administrative functions, thereby escalating privileges.

  • CVE-2026-4640HigMar 24, 2026
    risk 0.49cvss 7.5epss 0.00

    Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to execute certain functions to obtain sensitive information.

  • CVE-2023-25567Feb 14, 2023
    risk 0.00cvss epss 0.01

    GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication, has an out-of-bounds read when decoding target information prior to version 1.2.0. The length of the `av_pair` is not checked properly for two of the elements which can trigger an…

  • CVE-2023-25566Feb 14, 2023
    risk 0.00cvss epss 0.01

    GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, a memory leak can be triggered when parsing usernames which can trigger a denial-of-service. The domain portion of a username may be overridden causing an…

  • CVE-2023-25565Feb 14, 2023
    risk 0.00cvss epss 0.01

    GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, an incorrect free when decoding target information can trigger a denial of service. The error condition incorrectly assumes the `cb` and `sh` buffers contain a…

  • CVE-2023-25564Feb 14, 2023
    risk 0.00cvss epss 0.02

    GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, memory corruption can be triggered when decoding UTF16 strings. The variable `outlen` was not initialized and could cause writing a zero to an arbitrary place in…

  • CVE-2023-25563Feb 14, 2023
    risk 0.00cvss epss 0.01

    GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. A 32-bit integer overflow condition can lead to incorrect checks of…