| 0 |
| url |
VCID-1fpz-k79d-t3bs |
| vulnerability_id |
VCID-1fpz-k79d-t3bs |
| summary |
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server routines did not fully initialize their output variables before returning, leaking memory contents from both the stack and the heap. Because the OpenAFS cache manager functions as an Rx server for the AFSCB service, clients are also susceptible to information leakage. For example, RXAFSCB_TellMeAboutYourself leaks kernel memory and KAM_ListEntry leaks kaserver memory. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-16948 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58208 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58257 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58265 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58255 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.5824 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-16948 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-16948
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1fpz-k79d-t3bs |
|
| 1 |
| url |
VCID-1xfw-vv5d-93b5 |
| vulnerability_id |
VCID-1xfw-vv5d-93b5 |
| summary |
pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kernel memory via crafted commands. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-3284 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19616 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19693 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19689 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19645 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19577 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-3284 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
| 1 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u4~bpo70%252B1 |
|
| 2 |
|
|
| aliases |
CVE-2015-3284
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1xfw-vv5d-93b5 |
|
| 2 |
| url |
VCID-1yg1-xvt5-yugp |
| vulnerability_id |
VCID-1yg1-xvt5-yugp |
| summary |
vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remote attackers to obtain stack data by sniffing the network. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-3282 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64986 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.65029 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.65039 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.65027 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.65015 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-3282 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
| 1 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u4~bpo70%252B1 |
|
| 2 |
|
|
| aliases |
CVE-2015-3282
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1yg1-xvt5-yugp |
|
| 3 |
| url |
VCID-3jm4-2n5b-5ygs |
| vulnerability_id |
VCID-3jm4-2n5b-5ygs |
| summary |
Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8312 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12309 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12392 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12393 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12357 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.0004 |
| scoring_system |
epss |
| scoring_elements |
0.12276 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8312 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u7 |
|
| 1 |
|
|
| aliases |
CVE-2015-8312
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3jm4-2n5b-5ygs |
|
| 4 |
|
| 5 |
| url |
VCID-5ksv-vbwy-gygz |
| vulnerability_id |
VCID-5ksv-vbwy-gygz |
| summary |
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-18602 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.6181 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61859 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61867 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61856 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61841 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-18602 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-18602
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5ksv-vbwy-gygz |
|
| 6 |
| url |
VCID-7693-4ytg-h7c7 |
| vulnerability_id |
VCID-7693-4ytg-h7c7 |
| summary |
OpenAFS 1.x before 1.6.22 does not properly validate Rx ack packets, which allows remote attackers to cause a denial of service (system crash or application crash) via crafted fields, as demonstrated by an integer underflow and assertion failure for a small MTU value. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-17432 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01235 |
| scoring_system |
epss |
| scoring_elements |
0.79547 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.01235 |
| scoring_system |
epss |
| scoring_elements |
0.79573 |
| published_at |
2026-06-07T12:55:00Z |
|
| 2 |
| value |
0.01235 |
| scoring_system |
epss |
| scoring_elements |
0.79579 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.01235 |
| scoring_system |
epss |
| scoring_elements |
0.79563 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-17432 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u7 |
|
| 1 |
|
| 2 |
|
|
| aliases |
CVE-2017-17432
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7693-4ytg-h7c7 |
|
| 7 |
| url |
VCID-78ha-yjbm-8bca |
| vulnerability_id |
VCID-78ha-yjbm-8bca |
| summary |
Buffer overflow in the GetStatistics64 remote procedure call (RPC) in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service (crash) via a crafted statsVersion argument. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-0159 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01389 |
| scoring_system |
epss |
| scoring_elements |
0.80683 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.01389 |
| scoring_system |
epss |
| scoring_elements |
0.8071 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.01389 |
| scoring_system |
epss |
| scoring_elements |
0.80713 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.01389 |
| scoring_system |
epss |
| scoring_elements |
0.80709 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.01389 |
| scoring_system |
epss |
| scoring_elements |
0.80706 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-0159 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
| 1 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u2 |
|
|
| aliases |
CVE-2014-0159
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-78ha-yjbm-8bca |
|
| 8 |
| url |
VCID-79rk-s436-rbh1 |
| vulnerability_id |
VCID-79rk-s436-rbh1 |
| summary |
Double free vulnerability in the Rx server process in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions allows remote attackers to cause a denial of service and execute arbitrary code via unknown vectors. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-0430 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02959 |
| scoring_system |
epss |
| scoring_elements |
0.86739 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.02959 |
| scoring_system |
epss |
| scoring_elements |
0.86762 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.02959 |
| scoring_system |
epss |
| scoring_elements |
0.8676 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.02959 |
| scoring_system |
epss |
| scoring_elements |
0.86757 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.02959 |
| scoring_system |
epss |
| scoring_elements |
0.86747 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-0430 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
|
| aliases |
CVE-2011-0430
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-79rk-s436-rbh1 |
|
| 9 |
| url |
VCID-82ab-dv8d-9bfv |
| vulnerability_id |
VCID-82ab-dv8d-9bfv |
| summary |
OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9772 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00264 |
| scoring_system |
epss |
| scoring_elements |
0.50068 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00264 |
| scoring_system |
epss |
| scoring_elements |
0.50129 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00264 |
| scoring_system |
epss |
| scoring_elements |
0.50138 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00264 |
| scoring_system |
epss |
| scoring_elements |
0.50123 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00264 |
| scoring_system |
epss |
| scoring_elements |
0.50094 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-9772 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-9772
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-82ab-dv8d-9bfv |
|
| 10 |
| url |
VCID-9tr8-64hh-9kdp |
| vulnerability_id |
VCID-9tr8-64hh-9kdp |
| summary |
The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58, and IBM AFS 3.6 before Patch 19, on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1250 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.05847 |
| scoring_system |
epss |
| scoring_elements |
0.90712 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.05847 |
| scoring_system |
epss |
| scoring_elements |
0.90725 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.05847 |
| scoring_system |
epss |
| scoring_elements |
0.90724 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.05847 |
| scoring_system |
epss |
| scoring_elements |
0.90722 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.05847 |
| scoring_system |
epss |
| scoring_elements |
0.90719 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1250 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.4.12.1%2Bdfsg-4%2Bsqueeze3 |
| purl |
pkg:deb/debian/openafs@1.4.12.1%2Bdfsg-4%2Bsqueeze3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-79rk-s436-rbh1 |
|
| 9 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 10 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 11 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 12 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 13 |
| vulnerability |
VCID-dtye-ub63-ekf4 |
|
| 14 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 15 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 16 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 17 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 18 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 19 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 20 |
| vulnerability |
VCID-m6d1-s7w9-7qbv |
|
| 21 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 22 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 23 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 24 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 25 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 26 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 27 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 28 |
| vulnerability |
VCID-z151-brjq-yuht |
|
| 29 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.4.12.1%252Bdfsg-4%252Bsqueeze3 |
|
|
| aliases |
CVE-2009-1250
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9tr8-64hh-9kdp |
|
| 11 |
| url |
VCID-a4wg-mgba-f7ds |
| vulnerability_id |
VCID-a4wg-mgba-f7ds |
| summary |
Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1251 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.09904 |
| scoring_system |
epss |
| scoring_elements |
0.93151 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.09904 |
| scoring_system |
epss |
| scoring_elements |
0.93162 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.09904 |
| scoring_system |
epss |
| scoring_elements |
0.93161 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.09904 |
| scoring_system |
epss |
| scoring_elements |
0.93158 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.09904 |
| scoring_system |
epss |
| scoring_elements |
0.93156 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-1251 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.4.12.1%2Bdfsg-4%2Bsqueeze3 |
| purl |
pkg:deb/debian/openafs@1.4.12.1%2Bdfsg-4%2Bsqueeze3 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-79rk-s436-rbh1 |
|
| 9 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 10 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 11 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 12 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 13 |
| vulnerability |
VCID-dtye-ub63-ekf4 |
|
| 14 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 15 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 16 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 17 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 18 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 19 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 20 |
| vulnerability |
VCID-m6d1-s7w9-7qbv |
|
| 21 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 22 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 23 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 24 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 25 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 26 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 27 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 28 |
| vulnerability |
VCID-z151-brjq-yuht |
|
| 29 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.4.12.1%252Bdfsg-4%252Bsqueeze3 |
|
|
| aliases |
CVE-2009-1251
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a4wg-mgba-f7ds |
|
| 12 |
| url |
VCID-anxg-fktu-pfcu |
| vulnerability_id |
VCID-anxg-fktu-pfcu |
| summary |
rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-7762 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64986 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.65029 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.65039 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.65027 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.65015 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-7762 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
| 1 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u7 |
|
| 2 |
|
|
| aliases |
CVE-2015-7762
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-anxg-fktu-pfcu |
|
| 13 |
| url |
VCID-b9m1-xt9p-myhn |
| vulnerability_id |
VCID-b9m1-xt9p-myhn |
| summary |
Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-6599 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01514 |
| scoring_system |
epss |
| scoring_elements |
0.81545 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.01514 |
| scoring_system |
epss |
| scoring_elements |
0.81573 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.01514 |
| scoring_system |
epss |
| scoring_elements |
0.81576 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.01514 |
| scoring_system |
epss |
| scoring_elements |
0.81575 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.01514 |
| scoring_system |
epss |
| scoring_elements |
0.81567 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-6599 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.4.7.dfsg1-6%2Blenny4 |
| purl |
pkg:deb/debian/openafs@1.4.7.dfsg1-6%2Blenny4 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-79rk-s436-rbh1 |
|
| 9 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 10 |
| vulnerability |
VCID-9tr8-64hh-9kdp |
|
| 11 |
| vulnerability |
VCID-a4wg-mgba-f7ds |
|
| 12 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 13 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 14 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 15 |
| vulnerability |
VCID-dtye-ub63-ekf4 |
|
| 16 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 17 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 18 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 19 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 20 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 21 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 22 |
| vulnerability |
VCID-m6d1-s7w9-7qbv |
|
| 23 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 24 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 25 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 26 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 27 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 28 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 29 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 30 |
| vulnerability |
VCID-z151-brjq-yuht |
|
| 31 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.4.7.dfsg1-6%252Blenny4 |
|
|
| aliases |
CVE-2007-6599
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b9m1-xt9p-myhn |
|
| 14 |
| url |
VCID-bu6u-mgss-jyhg |
| vulnerability_id |
VCID-bu6u-mgss-jyhg |
| summary |
The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4135 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51911 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51971 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.5198 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51959 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00283 |
| scoring_system |
epss |
| scoring_elements |
0.51928 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4135 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
| 1 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u2 |
|
|
| aliases |
CVE-2013-4135
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bu6u-mgss-jyhg |
|
| 15 |
| url |
VCID-cf6s-k59z-6ueb |
| vulnerability_id |
VCID-cf6s-k59z-6ueb |
| summary |
The newEntry function in ptserver/ptprocs.c in OpenAFS before 1.6.17 allows remote authenticated users from foreign Kerberos realms to bypass intended access restrictions and create arbitrary groups as administrators by leveraging mishandling of the creator ID. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2860 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00252 |
| scoring_system |
epss |
| scoring_elements |
0.48732 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00252 |
| scoring_system |
epss |
| scoring_elements |
0.48793 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00252 |
| scoring_system |
epss |
| scoring_elements |
0.48802 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00252 |
| scoring_system |
epss |
| scoring_elements |
0.48783 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00252 |
| scoring_system |
epss |
| scoring_elements |
0.48753 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-2860 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u7 |
|
| 1 |
|
|
| aliases |
CVE-2016-2860
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cf6s-k59z-6ueb |
|
| 16 |
| url |
VCID-dtye-ub63-ekf4 |
| vulnerability_id |
VCID-dtye-ub63-ekf4 |
| summary |
Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-1795 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02115 |
| scoring_system |
epss |
| scoring_elements |
0.84433 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.02115 |
| scoring_system |
epss |
| scoring_elements |
0.84456 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.02115 |
| scoring_system |
epss |
| scoring_elements |
0.84459 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.02115 |
| scoring_system |
epss |
| scoring_elements |
0.84452 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.02115 |
| scoring_system |
epss |
| scoring_elements |
0.8444 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-1795 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
|
| aliases |
CVE-2013-1795
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dtye-ub63-ekf4 |
|
| 17 |
| url |
VCID-edpv-p5uh-77he |
| vulnerability_id |
VCID-edpv-p5uh-77he |
| summary |
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values and consume server resources waiting for those inputs, denying service to other valid connections. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-16949 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.04608 |
| scoring_system |
epss |
| scoring_elements |
0.8944 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.04608 |
| scoring_system |
epss |
| scoring_elements |
0.89458 |
| published_at |
2026-06-08T12:55:00Z |
|
| 2 |
| value |
0.04608 |
| scoring_system |
epss |
| scoring_elements |
0.89457 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.04608 |
| scoring_system |
epss |
| scoring_elements |
0.89456 |
| published_at |
2026-06-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-16949 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-16949
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-edpv-p5uh-77he |
|
| 18 |
| url |
VCID-effs-dv1k-rkaf |
| vulnerability_id |
VCID-effs-dv1k-rkaf |
| summary |
The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to cause a denial of service (memory corruption and kernel panic) via a crafted OSD FS command. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-3285 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.23762 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.23855 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.2384 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.23791 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00081 |
| scoring_system |
epss |
| scoring_elements |
0.23738 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-3285 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
| 1 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u4~bpo70%252B1 |
|
| 2 |
|
|
| aliases |
CVE-2015-3285
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-effs-dv1k-rkaf |
|
| 19 |
| url |
VCID-fp5n-tqx6-b7g1 |
| vulnerability_id |
VCID-fp5n-tqx6-b7g1 |
| summary |
OpenAFS 1.6.8 does not properly clear the fields in the host structure, which allows remote attackers to cause a denial of service (uninitialized memory access and crash) via unspecified vectors related to TMAY requests. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4044 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00603 |
| scoring_system |
epss |
| scoring_elements |
0.69934 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00603 |
| scoring_system |
epss |
| scoring_elements |
0.69974 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00603 |
| scoring_system |
epss |
| scoring_elements |
0.69983 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00603 |
| scoring_system |
epss |
| scoring_elements |
0.6997 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00603 |
| scoring_system |
epss |
| scoring_elements |
0.69958 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-4044 |
|
| 1 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u2 |
|
|
| aliases |
CVE-2014-4044
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fp5n-tqx6-b7g1 |
|
| 20 |
| url |
VCID-h3xe-yaja-vbds |
| vulnerability_id |
VCID-h3xe-yaja-vbds |
| summary |
An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to crash and possibly expose uninitialized memory into other ACLs stored on the server. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-10396 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40119 |
| published_at |
2026-06-08T12:55:00Z |
|
| 1 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40172 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40176 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40147 |
| published_at |
2026-06-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-10396 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://www.openafs.org/security |
| reference_id |
security |
| reference_type |
|
| scores |
| 0 |
| value |
6.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:58:56Z/ |
|
|
| url |
https://www.openafs.org/security |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-10396
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-h3xe-yaja-vbds |
|
| 21 |
| url |
VCID-j6z8-ka18-xucr |
| vulnerability_id |
VCID-j6z8-ka18-xucr |
| summary |
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data access because remote attackers can make a series of VOTE_Debug RPC calls to crash a database server within the SVOTE_Debug RPC handler. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-18601 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01102 |
| scoring_system |
epss |
| scoring_elements |
0.78404 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.01102 |
| scoring_system |
epss |
| scoring_elements |
0.78432 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.01102 |
| scoring_system |
epss |
| scoring_elements |
0.7844 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.01102 |
| scoring_system |
epss |
| scoring_elements |
0.7843 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.01102 |
| scoring_system |
epss |
| scoring_elements |
0.78418 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-18601 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-18601
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j6z8-ka18-xucr |
|
| 22 |
| url |
VCID-m4ch-et4w-5bbq |
| vulnerability_id |
VCID-m4ch-et4w-5bbq |
| summary |
A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-10394 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03437 |
| published_at |
2026-06-08T12:55:00Z |
|
| 1 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03462 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03475 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00015 |
| scoring_system |
epss |
| scoring_elements |
0.03458 |
| published_at |
2026-06-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-10394 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://www.openafs.org/security |
| reference_id |
security |
| reference_type |
|
| scores |
| 0 |
| value |
8.4 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:59:42Z/ |
|
|
| url |
https://www.openafs.org/security |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-10394
|
| risk_score |
2.1 |
| exploitability |
0.5 |
| weighted_severity |
4.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m4ch-et4w-5bbq |
|
| 23 |
| url |
VCID-m6d1-s7w9-7qbv |
| vulnerability_id |
VCID-m6d1-s7w9-7qbv |
| summary |
Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver ACL entry. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-1794 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02802 |
| scoring_system |
epss |
| scoring_elements |
0.86389 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.02802 |
| scoring_system |
epss |
| scoring_elements |
0.86412 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.02802 |
| scoring_system |
epss |
| scoring_elements |
0.86413 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.02802 |
| scoring_system |
epss |
| scoring_elements |
0.86409 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.02802 |
| scoring_system |
epss |
| scoring_elements |
0.86397 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-1794 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
|
| aliases |
CVE-2013-1794
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m6d1-s7w9-7qbv |
|
| 24 |
| url |
VCID-mhk5-kb1q-kqdk |
| vulnerability_id |
VCID-mhk5-kb1q-kqdk |
| summary |
The default configuration in OpenAFS 1.4.x before 1.4.4 and 1.5.x before 1.5.17 supports setuid programs within the local cell, which might allow attackers to gain privileges by spoofing a response to an AFS cache manager FetchStatus request, and setting setuid and root ownership for files in the cache. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2007-1507 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01726 |
| scoring_system |
epss |
| scoring_elements |
0.82776 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.01726 |
| scoring_system |
epss |
| scoring_elements |
0.82801 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.01726 |
| scoring_system |
epss |
| scoring_elements |
0.82799 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.01726 |
| scoring_system |
epss |
| scoring_elements |
0.82798 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.01726 |
| scoring_system |
epss |
| scoring_elements |
0.82791 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2007-1507 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.4.2-6 |
| purl |
pkg:deb/debian/openafs@1.4.2-6 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-79rk-s436-rbh1 |
|
| 9 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 10 |
| vulnerability |
VCID-9tr8-64hh-9kdp |
|
| 11 |
| vulnerability |
VCID-a4wg-mgba-f7ds |
|
| 12 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 13 |
| vulnerability |
VCID-b9m1-xt9p-myhn |
|
| 14 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 15 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 16 |
| vulnerability |
VCID-dtye-ub63-ekf4 |
|
| 17 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 18 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 19 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 20 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 21 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 22 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 23 |
| vulnerability |
VCID-m6d1-s7w9-7qbv |
|
| 24 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 25 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 26 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 27 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 28 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 29 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 30 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 31 |
| vulnerability |
VCID-z151-brjq-yuht |
|
| 32 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.4.2-6 |
|
|
| aliases |
CVE-2007-1507
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mhk5-kb1q-kqdk |
|
| 25 |
| url |
VCID-pr58-m7ms-2ffh |
| vulnerability_id |
VCID-pr58-m7ms-2ffh |
| summary |
The client in OpenAFS before 1.6.17 does not properly initialize the (1) AFSStoreStatus, (2) AFSStoreVolumeStatus, (3) VldbListByAttributes, and (4) ListAddrByAttributes structures, which might allow remote attackers to obtain sensitive memory information by leveraging access to RPC call traffic. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-4536 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.53215 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.53276 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.53284 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.53267 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00296 |
| scoring_system |
epss |
| scoring_elements |
0.53241 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-4536 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-4536
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pr58-m7ms-2ffh |
|
| 26 |
| url |
VCID-rxzv-s7u5-wkbv |
| vulnerability_id |
VCID-rxzv-s7u5-wkbv |
| summary |
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information leakage upon certain error conditions because uninitialized RPC output variables are sent over the network to a peer. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-18603 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.6181 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61859 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61867 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61856 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00413 |
| scoring_system |
epss |
| scoring_elements |
0.61841 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-18603 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-18603
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rxzv-s7u5-wkbv |
|
| 27 |
| url |
VCID-tcts-2nv4-8ues |
| vulnerability_id |
VCID-tcts-2nv4-8ues |
| summary |
OpenAFS before 1.6.13 allows remote attackers to spoof bos commands via unspecified vectors. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-3283 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00768 |
| scoring_system |
epss |
| scoring_elements |
0.73854 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00768 |
| scoring_system |
epss |
| scoring_elements |
0.73891 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00768 |
| scoring_system |
epss |
| scoring_elements |
0.73896 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00768 |
| scoring_system |
epss |
| scoring_elements |
0.73882 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00768 |
| scoring_system |
epss |
| scoring_elements |
0.73865 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-3283 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
| 1 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u4~bpo70%252B1 |
|
| 2 |
|
|
| aliases |
CVE-2015-3283
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tcts-2nv4-8ues |
|
| 28 |
| url |
VCID-uw32-c1ap-9yet |
| vulnerability_id |
VCID-uw32-c1ap-9yet |
| summary |
OpenAFS before 1.6.7 delays the listen thread when an RXS_CheckResponse fails, which allows remote attackers to cause a denial of service (performance degradation) via an invalid packet. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-2852 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.65101 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.65144 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.65154 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.65143 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00474 |
| scoring_system |
epss |
| scoring_elements |
0.65131 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-2852 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
| 1 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u2 |
|
|
| aliases |
CVE-2014-2852
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uw32-c1ap-9yet |
|
| 29 |
| url |
VCID-wccv-q97z-fqc7 |
| vulnerability_id |
VCID-wccv-q97z-fqc7 |
| summary |
The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-6587 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.7056 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70602 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70612 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70594 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00625 |
| scoring_system |
epss |
| scoring_elements |
0.70582 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-6587 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
| 1 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u4~bpo70%2B1 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u4~bpo70%252B1 |
|
| 2 |
|
|
| aliases |
CVE-2015-6587
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wccv-q97z-fqc7 |
|
| 30 |
| url |
VCID-wyc1-fb71-a3g2 |
| vulnerability_id |
VCID-wyc1-fb71-a3g2 |
| summary |
OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4134 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.3553 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.35625 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.35637 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.356 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00152 |
| scoring_system |
epss |
| scoring_elements |
0.35561 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2013-4134 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
| 1 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u2 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u2 |
|
|
| aliases |
CVE-2013-4134
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wyc1-fb71-a3g2 |
|
| 31 |
| url |
VCID-yyzd-zm5v-13hw |
| vulnerability_id |
VCID-yyzd-zm5v-13hw |
| summary |
rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attackers to obtain sensitive information by (1) conducting a replay attack or (2) sniffing the network. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-7763 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.64986 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.65029 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.65039 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.65027 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00472 |
| scoring_system |
epss |
| scoring_elements |
0.65015 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-7763 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
| 1 |
| url |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7 |
| purl |
pkg:deb/debian/openafs@1.6.9-2%2Bdeb8u7 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 8 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 9 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 10 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 11 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 12 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 13 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 14 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 15 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 16 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 17 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 18 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 19 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 20 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.9-2%252Bdeb8u7 |
|
| 2 |
|
|
| aliases |
CVE-2015-7763
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yyzd-zm5v-13hw |
|
| 32 |
| url |
VCID-z151-brjq-yuht |
| vulnerability_id |
VCID-z151-brjq-yuht |
| summary |
The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions does not properly handle errors, which allows attackers to cause a denial of service via unknown vectors. NOTE: some of these details are obtained from third party information. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-0431 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00656 |
| scoring_system |
epss |
| scoring_elements |
0.71403 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.00656 |
| scoring_system |
epss |
| scoring_elements |
0.71447 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00656 |
| scoring_system |
epss |
| scoring_elements |
0.71454 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00656 |
| scoring_system |
epss |
| scoring_elements |
0.71431 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.00656 |
| scoring_system |
epss |
| scoring_elements |
0.71415 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-0431 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| purl |
pkg:deb/debian/openafs@1.6.1-3%2Bdeb7u5 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-1fpz-k79d-t3bs |
|
| 1 |
| vulnerability |
VCID-1xfw-vv5d-93b5 |
|
| 2 |
| vulnerability |
VCID-1yg1-xvt5-yugp |
|
| 3 |
| vulnerability |
VCID-3jm4-2n5b-5ygs |
|
| 4 |
| vulnerability |
VCID-4nqz-pqv7-xkeu |
|
| 5 |
| vulnerability |
VCID-5ksv-vbwy-gygz |
|
| 6 |
| vulnerability |
VCID-7693-4ytg-h7c7 |
|
| 7 |
| vulnerability |
VCID-78ha-yjbm-8bca |
|
| 8 |
| vulnerability |
VCID-82ab-dv8d-9bfv |
|
| 9 |
| vulnerability |
VCID-anxg-fktu-pfcu |
|
| 10 |
| vulnerability |
VCID-bu6u-mgss-jyhg |
|
| 11 |
| vulnerability |
VCID-cf6s-k59z-6ueb |
|
| 12 |
| vulnerability |
VCID-edpv-p5uh-77he |
|
| 13 |
| vulnerability |
VCID-effs-dv1k-rkaf |
|
| 14 |
| vulnerability |
VCID-fp5n-tqx6-b7g1 |
|
| 15 |
| vulnerability |
VCID-h3xe-yaja-vbds |
|
| 16 |
| vulnerability |
VCID-j6z8-ka18-xucr |
|
| 17 |
| vulnerability |
VCID-m4ch-et4w-5bbq |
|
| 18 |
| vulnerability |
VCID-pr58-m7ms-2ffh |
|
| 19 |
| vulnerability |
VCID-rxzv-s7u5-wkbv |
|
| 20 |
| vulnerability |
VCID-tcts-2nv4-8ues |
|
| 21 |
| vulnerability |
VCID-uw32-c1ap-9yet |
|
| 22 |
| vulnerability |
VCID-wccv-q97z-fqc7 |
|
| 23 |
| vulnerability |
VCID-wyc1-fb71-a3g2 |
|
| 24 |
| vulnerability |
VCID-yyzd-zm5v-13hw |
|
| 25 |
| vulnerability |
VCID-zrrp-jug6-zbgu |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/openafs@1.6.1-3%252Bdeb7u5 |
|
|
| aliases |
CVE-2011-0431
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-z151-brjq-yuht |
|
| 33 |
| url |
VCID-zrrp-jug6-zbgu |
| vulnerability_id |
VCID-zrrp-jug6-zbgu |
| summary |
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. The backup tape controller (butc) process accepts incoming RPCs but does not require (or allow for) authentication of those RPCs. Handling those RPCs results in operations being performed with administrator credentials, including dumping/restoring volume contents and manipulating the backup database. For example, an unauthenticated attacker can replace any volume's content with arbitrary data. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2018-16947 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01486 |
| scoring_system |
epss |
| scoring_elements |
0.8136 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.01486 |
| scoring_system |
epss |
| scoring_elements |
0.81388 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.01486 |
| scoring_system |
epss |
| scoring_elements |
0.81391 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.01486 |
| scoring_system |
epss |
| scoring_elements |
0.81389 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.01486 |
| scoring_system |
epss |
| scoring_elements |
0.81383 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2018-16947 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2018-16947
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zrrp-jug6-zbgu |
|