159 matches found
CVE-2025-12765 pgAdmin 4: LDAP authentication flow vulnerable to TLS certificate verification bypass.
pgAdmin = 9.9 is affected by a vulnerability in the LDAP authentication mechanism allows bypassing TLS certificate verification...
PT-2025-46822
Name of the Vulnerable Software and Affected Versions pgAdmin versions prior to 9.9 Description The LDAP authentication mechanism in pgAdmin has a flaw that permits bypassing TLS certificate verification. This could allow attackers to intercept and potentially manipulate communications during...
EUVD-2019-14152
Malware in sbrugna...
EUVD-2013-3222
Malware in sbrugna...
EUVD-2013-0977
Malware in sbrugna...
EUVD-2025-24033
Malicious code in bioql PyPI...
EUVD-2022-3457
Malicious code in bioql PyPI...
EUVD-2025-28980
Malicious code in bioql PyPI...
EUVD-2024-32689
Malicious code in bioql PyPI...
ROS-20250912-13
A vulnerability in OpenBao's secret management and encryption system is related to an unexpected normalization in the in the TOTP base library. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data A vulnerability in the OpenBao secret management and encryptio...
CVE-2025-10224
The CVE-2025-10224 entry concerns AxxonSoft Axxon One (C-Werk) prior to or equal to 2.0.2 on Windows, where the LDAP authentication engine improperly evaluates nested LDAP group memberships. This allows a remote authenticated user to be denied access or receive misassigned roles during login. The...
AxxonSoft AxxonOne 安全漏洞
AxxonSoft AxxonOne is a video surveillance and security management software from AxxonSoft Ireland. A security vulnerability exists in AxxonSoft AxxonOne version 2.0.2 and earlier, which stems from improper authentication of the LDAP authentication engine and could result in access denial or role...
Linux Distros Unpatched Vulnerability : CVE-2023-1907
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in pgadmin. Users logging into pgAdmin running in server mode using LDAP authentication may be attached to another user's session if...
SUSE CVE-2025-55001
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of policies and MFA attribution based upon entity aliases, chosen by the underlying auth method. Whe...
GO-2025-3848 HashiCorp Vault ldap auth method may not have correctly enforced MFA in github.com/hashicorp/vault
HashiCorp Vault ldap auth method may not have correctly enforced MFA in github.com/hashicorp/vault...
CVE-2025-54998
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, attackers could bypass the automatic user lockout mechanisms in the OpenBao Userpass or LDAP auth systems. This was caused by...
CVE-2025-55001
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of policies and MFA attribution based upon entity aliases, chosen by the underlying auth method. Whe...
Improper Neutralization
Overview Affected versions of this package are vulnerable to Improper Neutralization via the usernameasalias parameter in the LDAP authentication process. An attacker can gain unauthorized access to resources protected by multi-factor authentication by supplying a crafted username that bypasses...
CVE-2025-55001 OpenBao LDAP MFA Enforcement Bypass When Using Username As Alias
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of policies and MFA attribution based upon entity aliases, chosen by the underlying auth method. Whe...
CVE-2025-54998 OpenBao Userpass and LDAP User Lockout Bypass
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, attackers could bypass the automatic user lockout mechanisms in the OpenBao Userpass or LDAP auth systems. This was caused by...