12 matches found

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2003-0373

Malware in sbrugna...

CVSS 7.5, AI score 6.4, EPSS 0.01433
Exploits: 1, References: 3

EUVD
added 2025/10/03 8:7 p.m., 7 views

EUVD-2023-27835

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.6, EPSS 0.0056
Exploits: 0, References: 1

Snyk
added 2025/09/23 6:47 p.m., 3 views

Command Injection

Overview: Affected versions of this package are vulnerable to Command Injection via the initialize_kerberos_keytab_file_login function. An attacker can execute arbitrary commands by supplying crafted input that is interpolated into a shell command and executed without sanitization. Remediation: Upgrade...

CVSS 7.3, AI score 8.1, EPSS 0.00906
Exploits: 1, References: 2

CVE
added 2025/09/23 6:25 p.m., 23 views

CVE-2025-59534

CryptoLib (NASA’s library using CCSDS SDLS-EP) contains a command-injection vulnerability in initialize_kerberos_keytab_file_login() present in versions prior to 1.4.2. The flaw arises from unsanitized, user-controlled input directly interpolated into a shell command and executed via system(), en...

CVSS 7.8, AI score 7.1, EPSS 0.00906
Exploits: 1, References: 2, Affected Software: 1

OSV
added 2025/09/23 6:25 p.m., 7 views

CVE-2025-59534 CryptoLib command injection vulnerability in initialize_kerberos_keytab_file_login()

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.2, there is a command injection vulnerability in...

CVSS 7.3, AI score 7.4, EPSS 0.00906
Exploits: 1, References: 4

Positive Technologies
added 2025/09/23 12:0 a.m., 8 views

PT-2025-39207

Name of the Vulnerable Software and Affected Versions: CryptoLib versions prior to 1.4.2. Description: CryptoLib is a software solution utilizing the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) for secure communications between spacecraft and ground stations. A command...

CVSS 7.8, AI score 7.2, EPSS 0.00906
Exploits: 1, References: 15

SUSE CVE
added 2023/02/15 6:13 a.m., 4 views

SUSE CVE-2006-7108

login in util-linux-2.12a skips pam_acct_mgmt and chauthtok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauthtok...

CVSS 4.1, AI score 7.1, EPSS 0.00337
Exploits: 0, References: 3

OSV
added 2023/01/17 8:15 p.m., 2 views

CVE-2023-23749

The 'LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login' extension is vulnerable to LDAP Injection since it is not properly sanitizing the 'username' POST parameter. An attacker can manipulate this parameter to dump arbitrary contents from the LDAP Database...

CVSS 7.5, AI score 5.9, EPSS 0.0056
Exploits: 0, References: 1

Vulnrichment
added 2023/01/17 7:38 p.m., 5 views

CVE-2023-23749 Extension - miniorange - LDAP Integration - LDAP Injection (username)

The 'LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login' extension is vulnerable to LDAP Injection since it is not properly sanitizing the 'username' POST parameter. An attacker can manipulate this parameter to dump arbitrary contents from the LDAP Database...

AI score 7.9, EPSS 0.0056
Exploits: 0, References: 1

RedHat Linux
added 2007/05/01 2:15 p.m., 5 views

security flaw

login in util-linux-2.12a skips pam_acct_mgmt and chauthtok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauthtok...

CVSS 4.1, AI score 5.7, EPSS 0.00337
Exploits: 0, References: 4

NVD
added 2003/06/16 4:0 a.m., 20 views

CVE-2003-0378

The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set...

CVSS 7.5, AI score 6.7, EPSS 0.01433
Exploits: 1, References: 2

Cvelist
added 2003/06/06 4:0 a.m., 26 views

CVE-2003-0378

The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set...

AI score 6.7, EPSS 0.01433
Exploits: 1, References: 2