MiracleLinux 7 : sssd-1.16.2-13.el7 (AXSA:2019-3678:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3678:01 advisory. sssd: information leak from the sssd-sudo responder CVE-2018-10852 Tenable has extracted the preceding description block directly from the MiracleLinux...

CVE-2016-10852

cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem SEC-85...

CVE-2020-10852

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. There is a stack overflow in display driver. The Samsung ID is SVE-2019-15877 January 2020...

CVE-2019-10852

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers=startpulling= substring...

Linux Distros Unpatched Vulnerability : CVE-2018-10852

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a messa...

WordPress Buy one click WooCommerce Plugin <= 2.2.9 is vulnerable to Broken Access Control

Software Buy one click WooCommerce Type Plugin Vulnerable versions = 2.2.9 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10852 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a5a826444a0c Credits incognito Required...

RHEL 6 : sssd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - sssd: information leak from the sssd-sudo responder CVE-2018-10852 - sssd versions from 1.13.0 to before...

Mageia: Security Advisory (MGASA-2018-0350)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5067-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5067-1: SSSD vulnerabilities

Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. CVE-2018-10852 It was discovered that SSSD incorrectly handled Group Policy Objects. Whe...

SUSE: Security Advisory (SUSE-SU-2018:2144-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:0081-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-10852

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. There is a stack overflow in display driver. The Samsung ID is SVE-2019-15877 January 2020...

CVE-2020-10852

CVE-2020-10852 involves a stack overflow in the display driver affecting Samsung mobile devices running O(8.x), P(9.0), and Q(10.0) software (Samsung ID SVE-2019-15877). The Red Hat/EUVD/CNVD entries corroborate the same issue. According to the NVD metrics, CVSS v3.1 base score is 7.8 (HIGH) with...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2018-1403)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for sssd (EulerOS-SA-2019-1193)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Computrols CBAS-Web 19.0.0 Blind SQL Injection

Computrols CBAS-Web Authenticated Boolean-based Blind SQL Injection Affected versions: 19.0.0 and below CVE: CVE-2019-10852 Advisory: https://applied-risk.com/resources/ar-2019-009 Paper: https://applied-risk.com/resources/i-own-your-building-management-system by Gjoko 'LiquidWorm' Krstic PoC id...

NewStart CGSL CORE 5.04 / MAIN 5.04 : sssd Vulnerability (NS-SA-2019-0067)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sssd packages installed that are affected by a vulnerability: - The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD utilizes too broad of a set of permissions. Any user who can send a...

CVE-2016-10852

cPanel versions prior to 11.54.0.4 are affected by a lack of ACL enforcement in the AppConfig subsystem (SEC-85). Red Hat and NVD references confirm the issue, affecting cPanel’s AppConfig handling; no explicit exploit details or fix version are provided in the connected documents. The reports de...

CVE-2019-10852

creationtimestamp| type| source ---|---|--- 2019-05-23 19:48:23+00:00| seen| https://t.me/cvemitreorg/257...