4127 matches found
SecurEnvoy Two Factor Authentication - LDAP Injection
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...
CVE-2026-59269
A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the...
EUVD-2026-42530
A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the...
CVE-2026-59269
The CVE concerns Pinniped Supervisor authenticating to Kubernetes clusters, where an attacker could achieve elevated cluster permissions under specific AD/LDAP conditions. Affected software: Pinniped (go.pinniped.dev) versions v0.11.0–v0.46.0. Root cause: when an ActiveDirectoryIdentityProvider i...
CVE-2026-59269
A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the...
CVE-2026-59269 Privilege Escalation via Active Directory LDAP injection in Pinniped Supervisor can be executed by an attacker who can edit LDAP Group DN entries
A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the...
github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API
A flaw was found in Prometheus, an open-source monitoring system. The clientsecret field within the Azure Active Directory AD remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access t...
CVE-2026-59998
A flaw was found in OpenSSH. The sshd component has an undocumented security-relevant behavior where GSSAPIStrictAcceptorCheck has no value when the server is in a Windows Active Directory environment. This could lead to unintended information disclosure and impact data integrity...
CVE-2026-59998
sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory...
CVE-2026-59998
OpenSSH sshd (CVE-2026-59998) affects builds before 10.4. The issue is an undocumented security-relevant behavior where GSSAPIStrictAcceptorCheck has no value when the server runs in Windows Active Directory. CVSS v3.1 base score 4.8 (Medium) and impact on confidentiality/integrity (Low) with net...
CVE-2026-59998
sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory...
EUVD-2026-42141
sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory...
CVE-2026-59998
sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory...
CVE-2026-59998
sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory...
CVE-2026-14476
A path traversal flaw was found in SSSD's AD GPO provider. The adgpoextractsmbcomponents function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to write files outside the GPO cache directory as root. On default RHEL...
EUVD-2026-42031
Credentials of built-in users are insecurely stored in the User directory of PcVue projects, all versions prior to 17.0.0. A local attacker could retrieve users’ credentials. Active Directory accounts are not affected by this vulnerability...
CVE-2026-14867
Credentials of built-in users are insecurely stored in the User directory of PcVue projects, all versions prior to 17.0.0. A local attacker could retrieve users’ credentials. Active Directory accounts are not affected by this vulnerability...
CVE-2026-14476 Sssd: sssd: gpo cache path traversal via unsanitized gpcfilesyspath allows kerberos authentication bypass
A path traversal flaw was found in SSSD's AD GPO provider. The adgpoextractsmbcomponents function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to write files outside the GPO cache directory as root. On default RHEL...
CVE-2026-14476
CVE-2026-14476 : A path traversal flaw in SSSD’s AD GPO provider (ad_gpo_extract_smb_components()) does not sanitize .. in gPCFileSysPath, enabling an attacker with AD GPO management access to write files outside the GPO cache directory as root. In default RHEL with SELinux enforcing, this can in...
PT-2026-56172
Name of the Vulnerable Software and Affected Versions SSSD affected versions not specified Description A path traversal flaw exists in the AD GPO provider of SSSD. The ad gpo extract smb components function fails to sanitize .. sequences within the gPCFileSysPath LDAP attribute. This allows an...