Lucene search
+L

252 matches found

EUVD
EUVD
added 4 days ago5 views

EUVD-2026-44739

A flaw was found in the AAP Gateway Envoy proxy configuration. The non-mTLS route to EDA event streams does not remove the Subject HTTP header from client requests, despite the source code defining requestHeadersToRemove for this header. An unauthenticated remote attacker can inject a spoofed...

8.2CVSS6.2AI score0.00338EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-12382

A flaw was found in the AAP Gateway Envoy proxy configuration. The non-mTLS route to EDA event streams does not remove the Subject HTTP header from client requests, despite the source code defining requestHeadersToRemove for this header. An unauthenticated remote attacker can inject a spoofed...

8.2CVSS6.2AI score0.00338EPSS
Exploits0References5
NVD
NVD
added 5 days ago6 views

CVE-2026-45063

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, X509Authenticator extracts the user identifier from $SERVER'SSLCLIENTSDN' with an unanchored regex that matches emailAddress= anywhere in the distinguishe...

9.1CVSS0.00323EPSS
Exploits0References6
CVE
CVE
added 5 days ago19 views

CVE-2026-45063

Symfony X509Authenticator vulnerability (CVE-2026-45063) allows identity spoofing because an unanchored regex extracts emailAddress from the certificate Subject DN, enabling a trusted certificate with emailAddress embedded in another RDN (e.g., CN) to authenticate as another user. Impact is high ...

9.1CVSS6.1AI score0.00323EPSS
Exploits0References6Affected Software1
OSV
OSV
added 5 days ago4 views

CVE-2026-45063 Symfony: Identity Spoofing via Unanchored DN Regex in X509Authenticator

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, X509Authenticator extracts the user identifier from $SERVER'SSLCLIENTSDN' with an unanchored regex that matches emailAddress= anywhere in the distinguishe...

9.1CVSS6.1AI score0.00323EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/07/10 3:12 a.m.3 views

SUSE CVE-2026-59692

A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin. During a DTLS handshake, the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack buffer without bounds checking. A remote unauthenticated attacker can send a certificate with an...

7.5CVSS6.2AI score0.0031EPSS
Exploits0References3
NVD
NVD
added 2026/07/09 11:16 a.m.7 views

CVE-2026-59692

A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin. During a DTLS handshake, the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack buffer without bounds checking. A remote unauthenticated attacker can send a certificate with an...

7.5CVSS0.0031EPSS
Exploits0References4
OSV
OSV
added 2026/07/09 11:16 a.m.1 views

DEBIAN-CVE-2026-59692

A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin. During a DTLS handshake, the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack buffer without bounds checking. A remote unauthenticated attacker can send a certificate with an...

7.5CVSS6.2AI score0.0031EPSS
Exploits0References1
OSV
OSV
added 2026/07/09 11:16 a.m.3 views

UBUNTU-CVE-2026-59692

A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin. During a DTLS handshake, the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack buffer without bounds checking. A remote unauthenticated attacker can send a certificate with an...

7.5CVSS6.2AI score0.0031EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/09 7:12 a.m.7 views

EUVD-2026-42530

A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the...

3.8CVSS5.9AI score0.0017EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/09 7:12 a.m.34 views

CVE-2026-59269 Privilege Escalation via Active Directory LDAP injection in Pinniped Supervisor can be executed by an attacker who can edit LDAP Group DN entries

A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the...

3.8CVSS0.0017EPSS
Exploits0References1
CVE
CVE
added 2026/07/09 7:12 a.m.11 views

CVE-2026-59269

The CVE concerns Pinniped Supervisor authenticating to Kubernetes clusters, where an attacker could achieve elevated cluster permissions under specific AD/LDAP conditions. Affected software: Pinniped (go.pinniped.dev) versions v0.11.0–v0.46.0. Root cause: when an ActiveDirectoryIdentityProvider i...

3.8CVSS5.9AI score0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/09 7:12 a.m.6 views

CVE-2026-59269

A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the...

3.8CVSS5.9AI score0.0017EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/07/09 7:12 a.m.4 views

CVE-2026-59269 Privilege Escalation via Active Directory LDAP injection in Pinniped Supervisor can be executed by an attacker who can edit LDAP Group DN entries

A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the...

3.8CVSS6.1AI score0.0017EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/09 12:0 a.m.10 views

PT-2026-56784

Name of the Vulnerable Software and Affected Versions GStreamer affected versions not specified Description A stack buffer overflow occurs in the DTLS plugin during a DTLS handshake. The issue arises when the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack...

7.5CVSS6.2AI score0.0031EPSS
Exploits0References23
NVD
NVD
added 2026/07/07 3:16 p.m.8 views

CVE-2026-14940

A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name RDN, the server can write past the end of a heap allocation while sorting RDN...

5.3CVSS0.00294EPSS
Exploits0References2
OSV
OSV
added 2026/07/07 3:16 p.m.3 views

DEBIAN-CVE-2026-14940

A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name RDN, the server can write past the end of a heap allocation while sorting RDN...

5.3CVSS6.1AI score0.00294EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/07 1:54 p.m.5 views

EUVD-2026-42042

A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name RDN, the server can write past the end of a heap allocation while sorting RDN...

5.3CVSS5.9AI score0.00294EPSS
Exploits0References2
CVE
CVE
added 2026/07/07 1:54 p.m.16 views

CVE-2026-14940

Affected software/component: 389 Directory Server (389-ds-base). Vulnerability: heap-buffer-overflow in DN normalization when processing a legacy-quoted value encoding a multivalued nested RDN, causing writes past the end of a heap allocation. Attack scenario: an unauthenticated remote attacker c...

5.3CVSS5.9AI score0.00294EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2026/07/07 1:54 p.m.47 views

CVE-2026-14940 389-ds-base: 389-ds-base: heap-buffer-overflow in dn normalization via quoted multivalued rdn

A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name RDN, the server can write past the end of a heap allocation while sorting RDN...

5.3CVSS0.00294EPSS
Exploits0References2
Rows per page
Query Builder