Lucene search
+L

4761 matches found

euvd
euvd
added yesterday4 views

EUVD-2026-44662

A flaw was found in samba's pamwinbind. When mkhomedir is enabled, pamwinbind chowns the target account's home directory without validating the path is not a critical system directory such as /. On affected systems, accounts with / as their home directory a common default for system accounts can...

6.1CVSS6.1AI score
Exploits0References5
cve
cve
added yesterday8 views

CVE-2026-15779

Summary: CVE-2026-15779 concerns Samba’s pam_winbind when mkhomedir is enabled. pam_winbind chowns the target account’s home directory without validating that the path is not a critical system directory like “/”. On systems where / is a user home (a common default for system accounts), this can b...

6.1CVSS6.1AI score
Exploits0References5
cvelist
cvelist
added yesterday29 views

CVE-2026-15779 Samba-winbind: samba: pam_winbind mkhomedir chowns critical system paths without validation

A flaw was found in samba's pamwinbind. When mkhomedir is enabled, pamwinbind chowns the target account's home directory without validating the path is not a critical system directory such as /. On affected systems, accounts with / as their home directory a common default for system accounts can...

6.1CVSS
Exploits0References5
osv
osv
added 6 days ago4 views

OPENSUSE-SU-2026:21290-1 Security update for sssd

This update for sssd fixes the following issues - CVE-2026-14474: sudo LDAP provider searches entire directory tree for sudoRole objects by default, enabling privilege escalation bsc1270709. - CVE-2026-14476: GPO cache path traversal via unsanitized gPCFileSysPath allows Kerberos authentication...

8.8CVSS6.1AI score0.00501EPSS
Exploits0References4
redhat
redhat
added 2026/07/09 8:3 a.m.6 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.17.55 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.55 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

9.8CVSS6.9AI score0.93235EPSS
Exploits54References11
ossf
ossf
added 2026/07/09 12:0 a.m.11 views

Malicious code in nodemon-sudo (npm)

The npm package nodemon-sudo is a typosquat of the popular nodemon package: its package.json description "Simple monitor script for use during development of a Node.js app.", main entry ./lib/nodemon, and forged author field Remy Sharp, the real maintainer of nodemon are copied from the legitimat...

6.5AI score
Exploits0References4
nvd
nvd
added 2026/07/07 7:16 p.m.10 views

CVE-2026-59800

9Router before 0.4.44 contains an OS command injection vulnerability in the unauthenticated POST /api/tunnel/tailscale-install endpoint this route is not covered by the dashboard middleware matcher, so no authorization check is applied. The sudoPassword field from the request body is written to t...

9.8CVSS0.01372EPSS
Exploits0References2
euvd
euvd
added 2026/07/07 6:19 p.m.5 views

EUVD-2026-42073

9Router before 0.4.44 contains an OS command injection vulnerability in the unauthenticated POST /api/tunnel/tailscale-install endpoint this route is not covered by the dashboard middleware matcher, so no authorization check is applied. The sudoPassword field from the request body is written to t...

9.8CVSS6.3AI score0.01372EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/07/07 6:19 p.m.7 views

CVE-2026-59800

9Router before 0.4.44 contains an OS command injection vulnerability in the unauthenticated POST /api/tunnel/tailscale-install endpoint this route is not covered by the dashboard middleware matcher, so no authorization check is applied. The sudoPassword field from the request body is written to t...

9.8CVSS6.3AI score0.01372EPSS
Exploits0References3
nvd
nvd
added 2026/07/07 10:16 a.m.10 views

CVE-2026-14474

A flaw was found in SSSD's LDAP sudo provider. When the ldapsudosearchbase option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo...

8.8CVSS0.00348EPSS
Exploits0References2
osv
osv
added 2026/07/07 10:16 a.m.1 views

DEBIAN-CVE-2026-14474

A flaw was found in SSSD's LDAP sudo provider. When the ldapsudosearchbase option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo...

8.8CVSS6AI score0.00348EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/07/07 9:12 a.m.6 views

CVE-2026-14474

A flaw was found in SSSD's LDAP sudo provider. When the ldapsudosearchbase option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References3
euvd
euvd
added 2026/07/07 9:12 a.m.5 views

EUVD-2026-42022

A flaw was found in SSSD's LDAP sudo provider. When the ldapsudosearchbase option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References2
cve
cve
added 2026/07/07 9:12 a.m.12 views

CVE-2026-14474

SSSD (System Security Services Daemon) LDAP sudo provider is vulnerable when ldap_sudo_search_base is not configured; SSSD will search the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object, granting root-level ...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/07/07 9:12 a.m.6 views

CVE-2026-14474

A flaw was found in SSSD's LDAP sudo provider. When the ldapsudosearchbase option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/07/07 12:0 a.m.8 views

PT-2026-56171

Name of the Vulnerable Software and Affected Versions sssd affected versions not specified rhcos affected versions not specified Description A flaw exists in the SSSD LDAP sudo provider due to insecure default configuration and improper scoping of LDAP searches. When the ldap sudo search base...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References16
ptsecurity
ptsecurity
added 2026/07/06 12:0 a.m.8 views

PT-2026-56055

Name of the Vulnerable Software and Affected Versions linuxfabrik-monitoring-plugins affected versions not specified Description SQLite databases are created using predictable static paths in /tmp, allowing any user to create a symlink at these locations pointing to arbitrary files. When monitori...

5.1CVSS6.2AI score
Exploits0References7
nvd
nvd
added 2026/07/04 12:16 p.m.9 views

CVE-2026-12196

HestiaCP panel cronjob feature is affected by a broken access control vulnerability. Low privilege users can modify the panel cronjob to execute scripts HestiaCP management scripts with passwordless sudo. This could result in the takeover of administrator users in the application and the underlyi...

8.3CVSS0.00256EPSS
Exploits0References2
cvelist
cvelist
added 2026/07/04 12:5 p.m.36 views

CVE-2026-12196 HestiaCP Admin Takeover

HestiaCP panel cronjob feature is affected by a broken access control vulnerability. Low privilege users can modify the panel cronjob to execute scripts HestiaCP management scripts with passwordless sudo. This could result in the takeover of administrator users in the application and the underlyi...

8.3CVSS0.00256EPSS
Exploits0References2
euvd
euvd
added 2026/07/04 12:5 p.m.12 views

EUVD-2026-41671

HestiaCP panel cronjob feature is affected by a broken access control vulnerability. Low privilege users can modify the panel cronjob to execute scripts HestiaCP management scripts with passwordless sudo. This could result in the takeover of administrator users in the application and the underlyi...

8.3CVSS6AI score0.00256EPSS
Exploits0References2
Rows per page
Query Builder