Lucene search
K

159 matches found

OSV
OSV
added 2025/11/13 1:0 p.m.3 views

CVE-2025-12765 pgAdmin 4: LDAP authentication flow vulnerable to TLS certificate verification bypass.

pgAdmin = 9.9 is affected by a vulnerability in the LDAP authentication mechanism allows bypassing TLS certificate verification...

7.5CVSS7.1AI score0.00196EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.3 views

PT-2025-46822

Name of the Vulnerable Software and Affected Versions pgAdmin versions prior to 9.9 Description The LDAP authentication mechanism in pgAdmin has a flaw that permits bypassing TLS certificate verification. This could allow attackers to intercept and potentially manipulate communications during...

7.8CVSS6.4AI score0.00396EPSS
Exploits0References32
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-14152

Malware in sbrugna...

7.5CVSS7.9AI score0.02084EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.19 views

EUVD-2013-3222

Malware in sbrugna...

3.5CVSS6.3AI score0.00998EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-0977

Malware in sbrugna...

6.4CVSS6.1AI score0.01699EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-24033

Malicious code in bioql PyPI...

6.5CVSS6.2AI score0.00502EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-3457

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.01209EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2025-28980

Malicious code in bioql PyPI...

6.5CVSS6.3AI score0.00376EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-32689

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00479EPSS
Exploits0References1
Redos
Redos
added 2025/09/12 12:0 a.m.4 views

ROS-20250912-13

A vulnerability in OpenBao's secret management and encryption system is related to an unexpected normalization in the in the TOTP base library. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data A vulnerability in the OpenBao secret management and encryptio...

9.1CVSS7.2AI score0.00371EPSS
Exploits0
CVE
CVE
added 2025/09/10 12:36 p.m.20 views

CVE-2025-10224

The CVE-2025-10224 entry concerns AxxonSoft Axxon One (C-Werk) prior to or equal to 2.0.2 on Windows, where the LDAP authentication engine improperly evaluates nested LDAP group memberships. This allows a remote authenticated user to be denied access or receive misassigned roles during login. The...

7.1CVSS6.5AI score0.00304EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/09/10 12:0 a.m.5 views

AxxonSoft AxxonOne 安全漏洞

AxxonSoft AxxonOne is a video surveillance and security management software from AxxonSoft Ireland. A security vulnerability exists in AxxonSoft AxxonOne version 2.0.2 and earlier, which stems from improper authentication of the LDAP authentication engine and could result in access denial or role...

7.1CVSS6.9AI score0.00304EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2023-1907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if...

8CVSS6.9AI score0.00447EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/08/11 11:22 p.m.3 views

SUSE CVE-2025-55001

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of policies and MFA attribution based upon entity aliases, chosen by the underlying auth method. Whe...

6.5CVSS6.8AI score0.00221EPSS
Exploits0References4
OSV
OSV
added 2025/08/11 5:24 p.m.7 views

GO-2025-3848 HashiCorp Vault ldap auth method may not have correctly enforced MFA in github.com/hashicorp/vault

HashiCorp Vault ldap auth method may not have correctly enforced MFA in github.com/hashicorp/vault...

8.1CVSS7.1AI score0.00502EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/11 2:30 a.m.20 views

CVE-2025-54998

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, attackers could bypass the automatic user lockout mechanisms in the OpenBao Userpass or LDAP auth systems. This was caused by...

5.3CVSS6.8AI score0.00211EPSS
Exploits0References1
NVD
NVD
added 2025/08/09 3:15 a.m.8 views

CVE-2025-55001

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of policies and MFA attribution based upon entity aliases, chosen by the underlying auth method. Whe...

6.5CVSS0.00221EPSS
Exploits0References3
Snyk
Snyk
added 2025/08/09 2:41 a.m.1 views

Improper Neutralization

Overview Affected versions of this package are vulnerable to Improper Neutralization via the usernameasalias parameter in the LDAP authentication process. An attacker can gain unauthorized access to resources protected by multi-factor authentication by supplying a crafted username that bypasses...

8.5CVSS7.1AI score0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/09 2:1 a.m.9 views

CVE-2025-55001 OpenBao LDAP MFA Enforcement Bypass When Using Username As Alias

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of policies and MFA attribution based upon entity aliases, chosen by the underlying auth method. Whe...

6.5CVSS0.00221EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/09 2:0 a.m.2 views

CVE-2025-54998 OpenBao Userpass and LDAP User Lockout Bypass

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, attackers could bypass the automatic user lockout mechanisms in the OpenBao Userpass or LDAP auth systems. This was caused by...

5.3CVSS7.1AI score0.00211EPSS
Exploits0References3
Rows per page
Query Builder