Lucene search
K

246 matches found

EUVD
EUVD
•added 5 hours ago•3 views

EUVD-2026-44739

A flaw was found in the AAP Gateway Envoy proxy configuration. The non-mTLS route to EDA event streams does not remove the Subject HTTP header from client requests, despite the source code defining requestHeadersToRemove for this header. An unauthenticated remote attacker can inject a spoofed...

8.2CVSS6.2AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
•added 5 hours ago•5 views

CVE-2026-12382

A flaw was found in the AAP Gateway Envoy proxy configuration. The non-mTLS route to EDA event streams does not remove the Subject HTTP header from client requests, despite the source code defining requestHeadersToRemove for this header. An unauthenticated remote attacker can inject a spoofed...

8.2CVSS6.2AI score
Exploits0References3
NVD
NVD
•added yesterday•4 views

CVE-2026-45063

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, X509Authenticator extracts the user identifier from $SERVER'SSLCLIENTSDN' with an unanchored regex that matches emailAddress= anywhere in the distinguishe...

9.1CVSS0.00069EPSS
Exploits0References6
CVE
CVE
•added yesterday•18 views

CVE-2026-45063

Symfony X509Authenticator vulnerability (CVE-2026-45063) allows identity spoofing because an unanchored regex extracts emailAddress from the certificate Subject DN, enabling a trusted certificate with emailAddress embedded in another RDN (e.g., CN) to authenticate as another user. Impact is high ...

9.1CVSS6.1AI score0.00069EPSS
Exploits0References6Affected Software1
NVD
NVD
•added 6 days ago•7 views

CVE-2026-59692

A stack buffer overflow vulnerability was found in GStreamer's DTLS plugin. During a DTLS handshake, the peer certificate Subject Distinguished Name is printed into a fixed-size 2048-byte stack buffer without bounds checking. A remote unauthenticated attacker can send a certificate with an...

7.5CVSS0.0031EPSS
Exploits0References4
CVE
CVE
•added 6 days ago•7 views

CVE-2026-59269

The CVE concerns Pinniped Supervisor authenticating to Kubernetes clusters, where an attacker could achieve elevated cluster permissions under specific AD/LDAP conditions. Affected software: Pinniped (go.pinniped.dev) versions v0.11.0–v0.46.0. Root cause: when an ActiveDirectoryIdentityProvider i...

3.8CVSS5.9AI score0.0017EPSS
Exploits0References1
Cvelist
Cvelist
•added 6 days ago•32 views

CVE-2026-59269 Privilege Escalation via Active Directory LDAP injection in Pinniped Supervisor can be executed by an attacker who can edit LDAP Group DN entries

A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the...

3.8CVSS0.0017EPSS
Exploits0References1
EUVD
EUVD
•added 6 days ago•7 views

EUVD-2026-42530

A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the...

3.8CVSS5.9AI score0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
•added 6 days ago•5 views

CVE-2026-59269

A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the...

3.8CVSS5.9AI score0.0017EPSS
Exploits0References2Affected Software1
OSV
OSV
•added 6 days ago•2 views

CVE-2026-59269 Privilege Escalation via Active Directory LDAP injection in Pinniped Supervisor can be executed by an attacker who can edit LDAP Group DN entries

A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially gain elevated permissions in the clusters, only if all the following conditions were true: the Pinniped Supervisor server is running with an ActiveDirectoryIdentityProvider resource configured; the...

3.8CVSS6.1AI score0.0017EPSS
Exploits0References3
NVD
NVD
•added 2026/07/07 3:16 p.m.•8 views

CVE-2026-14940

A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name RDN, the server can write past the end of a heap allocation while sorting RDN...

5.3CVSS0.00294EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/07/07 1:54 p.m.•45 views

CVE-2026-14940 389-ds-base: 389-ds-base: heap-buffer-overflow in dn normalization via quoted multivalued rdn

A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name RDN, the server can write past the end of a heap allocation while sorting RDN...

5.3CVSS0.00294EPSS
Exploits0References2
CVE
CVE
•added 2026/07/07 1:54 p.m.•14 views

CVE-2026-14940

Affected software/component: 389 Directory Server (389-ds-base). Vulnerability: heap-buffer-overflow in DN normalization when processing a legacy-quoted value encoding a multivalued nested RDN, causing writes past the end of a heap allocation. Attack scenario: an unauthenticated remote attacker c...

5.3CVSS5.9AI score0.00294EPSS
Exploits0References2Affected Software3
EUVD
EUVD
•added 2026/07/07 1:54 p.m.•5 views

EUVD-2026-42042

A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name RDN, the server can write past the end of a heap allocation while sorting RDN...

5.3CVSS5.9AI score0.00294EPSS
Exploits0References2
RedhatCVE
RedhatCVE
•added 2026/07/07 1:54 p.m.•8 views

CVE-2026-14940

A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name RDN, the server can write past the end of a heap allocation while sorting RDN...

5.3CVSS5.8AI score0.00294EPSS
Exploits0References3
Positive Technologies
Positive Technologies
•added 2026/07/07 12:0 a.m.•9 views

PT-2026-56194

Name of the Vulnerable Software and Affected Versions 389 Directory Server 389-ds-base affected versions not specified Description A heap-buffer-overflow occurs during the normalization of a Distinguished Name DN containing a legacy-quoted value that encodes a multivalued nested Relative...

5.3CVSS6.1AI score0.00294EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
•added 2026/07/07 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-14940

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding...

5.3CVSS6.1AI score0.00294EPSS
Exploits0References4
Positive Technologies
Positive Technologies
•added 2026/06/19 12:0 a.m.•15 views

PT-2026-51108

Name of the Vulnerable Software and Affected Versions OpenBao affected versions not specified Description An issue exists in the shared LDAP utility library sdk/helper/ldaputil/client.go used by the LDAP authentication backend and OpenLDAP secrets engine. The GetUserDN function incorrectly uses...

6.8CVSS6AI score
Exploits0References7
OSV
OSV
•added 2026/06/17 6:35 p.m.•7 views

GHSA-X96M-RH44-VGV8 Apache Shiro: LDAP DN Injection in DefaultLdapRealm

A remote attacker can inject LDAP special characters into the Distinguished Name DN construction in DefaultLdapRealm class. User-supplied username input is directly concatenated into the LDAP DN template without any escaping of RFC 2253 special characters. This allows an attacker to manipulate th...

8.8CVSS5.4AI score0.00494EPSS
Exploits0References4
NVD
NVD
•added 2026/06/17 2:17 p.m.•29 views

CVE-2026-49268

A remote attacker can inject LDAP special characters into the Distinguished Name DN construction in DefaultLdapRealm class. User-supplied username input is directly concatenated into the LDAP DN template without any escaping of RFC 2253 special characters. This allows an attacker to manipulate th...

9.1CVSS0.00494EPSS
Exploits0References2
Rows per page
Query Builder