Lucene search
K

265 matches found

osv
osv
added 2026/04/15 7:16 p.m.4 views

DEBIAN-CVE-2026-6245

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

5.5CVSS5.4AI score0.00141EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/04/15 6:35 p.m.7 views

CVE-2026-6245

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/04/15 6:35 p.m.1 views

CVE-2026-6245 Sssd: out-of-bounds read in the sssd

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References2
cve
cve
added 2026/04/15 6:35 p.m.25 views

CVE-2026-6245

CVE-2026-6245 affects the System Security Services Daemon (SSSD) PAM passkey responder. The pam_passkey_child_read_data() function mishandles raw bytes from a pipe, treating them as a NUL-terminated C string, causing an out-of-bounds read (Crash) and local DoS. Affected: SSSD PAM responder; vecto...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References2
cvelist
cvelist
added 2026/04/15 6:35 p.m.73 views

CVE-2026-6245 Sssd: out-of-bounds read in the sssd

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

5.5CVSS0.00141EPSS
Exploits0References2
debiancve
debiancve
added 2026/04/15 6:35 p.m.4 views

CVE-2026-6245

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

5.5CVSS5.4AI score0.00141EPSS
Exploits0
redhatcve
redhatcve
added 2026/04/15 6:31 p.m.5 views

CVE-2026-6245

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

5.5CVSS5.7AI score0.00141EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/04/15 12:0 a.m.11 views

Red Hat System Security Services Daemon 安全漏洞

The Red Hat System Security Services Daemon is a daemon process component in Linux developed by Red Hat Inc. There is a security vulnerability associated with the Red Hat System Security Services Daemon. This vulnerability stems from the improper handling of raw pipe bytes by the...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/04/15 12:0 a.m.7 views

PT-2026-33133

Name of the Vulnerable Software and Affected Versions System Security Services Daemon SSSD affected versions not specified Description A flaw exists in the System Security Services Daemon SSSD where the pam passkey child read data function within the PAM passkey responder fails to properly handle...

5.5CVSS5.2AI score0.00141EPSS
Exploits0References19
nessus
nessus
added 2026/04/15 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-6245

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw...

5.5CVSS6.1AI score0.00141EPSS
Exploits0References3
hackread
hackread
added 2026/04/06 2:26 p.m.7 views

Cloudflare Targets WordPress With New AI-Powered EmDash CMS

Cloudflare launches EmDash CMS, an AI-powered platform built to fix WordPress security flaws with sandboxed plugins, serverless scaling, and passkey auth...

5.9AI score
Exploits0
euvd
euvd
added 2026/04/01 3:31 a.m.5 views

EUVD-2025-209152

XenForo before 2.3.7 contains a security issue affecting Passkeys that have been added to user accounts. An attacker may be able to compromise the security of Passkey-based authentication...

9.8CVSS5.8AI score0.00451EPSS
Exploits0References3
cvelist
cvelist
added 2026/04/01 12:30 a.m.27 views

CVE-2025-71279 XenForo Passkey Security Bypass

XenForo before 2.3.7 contains a security issue affecting Passkeys that have been added to user accounts. An attacker may be able to compromise the security of Passkey-based authentication...

9.8CVSS0.00451EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/04/01 12:30 a.m.6 views

CVE-2025-71279 XenForo Passkey Security Bypass

XenForo before 2.3.7 contains a security issue affecting Passkeys that have been added to user accounts. An attacker may be able to compromise the security of Passkey-based authentication...

9.8CVSS5.8AI score0.00451EPSS
Exploits0References2
cve
cve
added 2026/04/01 12:30 a.m.13 views

CVE-2025-71279

CVE-2025-71279 affects XenForo earlier than 2.3.7, where Passkeys added to user accounts can be exploited to compromise Passkey-based authentication. The vulnerability is addressed in XenForo 2.3.7’s security fixes; organizations using XenForo should upgrade to 2.3.7 or later. The provided docume...

9.8CVSS5.8AI score0.00451EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/04/01 12:30 a.m.8 views

CVE-2025-71279

XenForo before 2.3.7 contains a security issue affecting Passkeys that have been added to user accounts. An attacker may be able to compromise the security of Passkey-based authentication...

9.8CVSS5.8AI score0.00451EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2026/04/01 12:0 a.m.5 views

PT-2026-29415

XenForo before 2.3.7 contains a security issue affecting Passkeys that have been added to user accounts. An attacker may be able to compromise the security of Passkey-based authentication...

9.8CVSS5.8AI score0.00451EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/03/28 4:56 a.m.7 views

CVE-2026-33890

MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.71, an unauthenticated attacker can register an arbitrary passkey and subsequently authenticate with it to obtain a full admin session. The application exposes passkey registration endpoints without...

9.8CVSS6AI score0.00492EPSS
Exploits1References1
susecve
susecve
added 2026/03/28 12:26 a.m.4 views

SUSE CVE-2026-32879

New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Starting in version 0.10.0, a logic flaw in the universal secure verification flow allows an authenticated user with a registered passkey to satisfy secure verification without completing a WebAut...

4.9CVSS5.9AI score0.00289EPSS
Exploits0References3
nvd
nvd
added 2026/03/27 9:17 p.m.7 views

CVE-2026-33882

Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.16 and 6.7.2, the markdown preview endpoint could be manipulated to return augmented data from arbitrary fieldtypes. With the users fieldtype specifically, an authenticated control panel user could retriev...

6.5CVSS0.00255EPSS
Exploits0References1
Rows per page
Query Builder