Lucene search
+L

84 matches found

vulnrichment
vulnrichment
added 2025/09/17 4:52 p.m.4 views

CVE-2025-35431 CISA Thorium LDAP injection

CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated remote attacker can modify LDAP authorization data such as group memberships. Fixed in 1.1.1...

5.4CVSS6.5AI score0.00285EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2025/09/17 12:0 a.m.6 views

PT-2025-38230

Name of the Vulnerable Software and Affected Versions: Thorium versions prior to 1.1.1 Description: Thorium does not escape user-controlled strings used in LDAP queries. An authenticated remote attacker can modify LDAP authorization data, such as group memberships. Recommendations: Update to...

5.4CVSS6.5AI score0.00285EPSS
Exploits0References7
cnnvd
cnnvd
added 2025/09/17 12:0 a.m.8 views

CISA Thorium 安全漏洞

CISA Thorium is a highly scalable distributed malware analysis and data generation framework for the U.S. Cybersecurity and Infrastructure Security Administration CISA government division. A security vulnerability exists in CISA Thorium versions prior to 1.1.1 that stems from unescaped...

5.4CVSS6.4AI score0.00285EPSS
Exploits0References4
nvd
nvd
added 2025/06/06 6:15 p.m.15 views

CVE-2025-49011

SpiceDB is an open source database for storing and querying fine-grained authorization data. Prior to version 1.44.2, on schemas involving arrows with caveats on the arrow’ed relation, when the path to resolve a CheckPermission request involves the evaluation of multiple caveated branches, reques...

5.3CVSS0.00266EPSS
Exploits0References3
cve
cve
added 2025/06/06 5:36 p.m.64 views

CVE-2025-49011

SpiceDB (v1.44.x) vulnerability: when resolving CheckPermission paths that involve arrows with caveats, the evaluation across multiple caveated branches may incorrectly return NO_PERMISSION instead of PERMISSION. Root cause is in caveats on an arrow’ed relation affecting multi-branch permission c...

5.3CVSS7.1AI score0.00266EPSS
Exploits0References3Affected Software1
redhat
redhat
added 2025/04/07 1:59 a.m.3 views

golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing

A flaw was found in the golang-jwt implementation of JSON Web Tokens JWT. In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an...

7.5CVSS7.1AI score0.00693EPSS
Exploits0References7
thn
thn
added 2025/03/13 12:26 p.m.35 views

GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language SAML authentication protections. SAML is an XML-based markup language and open-standard used for exchanging authentication and...

8.8CVSS9.7AI score0.63792EPSS
Exploits6
vulnrichment
vulnrichment
added 2024/10/24 7:35 a.m.11 views

CVE-2024-9531 MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution <= 4.2.4 - Missing Authorization to Forged Vendor Profile Deletion Email Sending

The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'mvxsentdeactivationrequest' function in all versions up to, and including, 4.2.4. This makes it possible f...

4.3CVSS6.6AI score0.00334EPSS
Exploits0References3
cve
cve
added 2024/06/28 3:29 a.m.53 views

CVE-2024-5863

CVE-2024-5863 affects the Easy Image Collage WordPress plugin. The issue is a missing capability check in ajax_image_collage() across versions up to and including 1.13.5, allowing authenticated users with Contributor-level access and above to erase content in arbitrary posts (data loss). Wordfenc...

5.4CVSS5.6AI score0.00453EPSS
Exploits0References2
osv
osv
added 2024/06/19 8:57 a.m.5 views

CLSA-2024-1718787475 krb5: Fix of CVE-2023-39975

CVE-2023-39975: fix double free vulnerability in authorization-data handling to prevent incorrect data copying from one ticket to another...

8.8CVSS7AI score0.01229EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/06/18 12:0 a.m.6 views

Moodle Security Breach

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle that stems from a cURL wrapper that retains the original request header when redirecting, so...

7.5CVSS6.6AI score0.00445EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/06/06 3:32 a.m.13 views

CVE-2024-5449 WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing <= 5.0.4 - Missing Authorization

The WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdmsocialsharesaveoptions function in all versions up to, and...

4.3CVSS6.7AI score0.00346EPSS
Exploits0References3
nessus
nessus
added 2024/02/29 12:0 a.m.38 views

CentOS 9 : krb5-1.21.1-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the krb5-1.21.1-1.el9 build changelog. - kdc/dotgsreq.c in MIT Kerberos 5 aka krb5 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an...

8.8CVSS7.2AI score0.01229EPSS
Exploits0References2
ibm
ibm
added 2023/12/20 2:34 p.m.47 views

Security Bulletin: IBM Security Guardium is affected by a multiple vulnerabilities (CVE-2023-39975, CVE-2023-34042)

Summary IBM Security Guardium has fixed these vulnerabilities Vulnerability Details CVEID:CVE-2023-39975 DESCRIPTION: MIT Kerberos 5 aka krb5 is vulnerable to a denial of service, caused by a double free in KDC TGS processing. By sending a specially crafted request, a remote authenticated attacke...

8.8CVSS7.1AI score0.01229EPSS
Exploits0Affected Software1
susecve
susecve
added 2023/11/18 1:50 a.m.3 views

SUSE CVE-2023-39975

kdc/dotgsreq.c in MIT Kerberos 5 aka krb5 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another...

8.8CVSS8AI score0.01229EPSS
Exploits0References3
nessus
nessus
added 2023/11/16 12:0 a.m.28 views

Oracle Linux 9 : krb5 (ELSA-2023-6699)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6699 advisory. - Fix double-free in KDC TGS processing CVE-2023-39975 Tenable has extracted the preceding description block directly from the Oracle Linux security...

8.8CVSS7.3AI score0.02791EPSS
Exploits0References3
redhat
redhat
added 2023/11/07 8:49 a.m.27 views

krb5: double-free in KDC TGS processing

A vulnerability was found in MIT krb5, where an authenticated attacker can cause a KDC to free the same pointer twice if it can induce a failure in authorization data handling...

8.8CVSS7.1AI score0.01229EPSS
Exploits0References5
nessus
nessus
added 2023/11/07 12:0 a.m.26 views

RHEL 9 : krb5 (RHSA-2023:6699)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6699 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending...

8.8CVSS7.3AI score0.02791EPSS
Exploits0References12
redhatcve
redhatcve
added 2023/08/22 5:50 p.m.47 views

CVE-2023-39975

A vulnerability was found in MIT krb5, where an authenticated attacker can cause a KDC to free the same pointer twice if it can induce a failure in authorization data handling...

8.8CVSS8.2AI score0.01229EPSS
Exploits0References3
veracode
veracode
added 2023/08/18 3:50 a.m.27 views

Double Free

libkrb5.so is vulnerable to Double Free. The vulnerability exists due to a failure in authorization data handling in the dotgsreq.c, which allows an attacker to cause the Key Distribution Center KDC to free the same pointer twice when incorrect data is copied from one ticket to another...

8.8CVSS6.7AI score0.01229EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder