11 matches found
CVE-2026-45108
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Authorization Grant DAG flow that allowed a user within the same Entra ID domain to obtain a local Unix...
sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems
A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...
sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems
A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...
sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems
A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...
CVE-2025-11561
CVE-2025-11561 affects the System Security Services Daemon (SSSD) on Linux in default AD integration configurations. A fallback path from the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) to the an2ln plugin can be taken if AD attributes (e.g., userPrincipalName or samAccountN...
EUVD-2024-51116
Malicious code in bioql PyPI...
CVE-2024-12802
SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN User Principal Name and SAM Security Account Manager account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and...
SSL-VPN MFA Bypass Due to UPN and SAM Account Handling in Microsoft AD
SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN User Principal Name and SAM Security Account Manager account names when integrated with Microsoft Active Directory, allowing MFA to be configured independently for each login method and...
PT-2025-1026
Name of the Vulnerable Software and Affected Versions SonicWall SSL-VPN Gen6 affected versions not specified SonicWall SSL-VPN Gen7 affected versions not specified SonicWall SSL-VPN Gen8 affected versions not specified Description An authentication bypass exists in SonicWall SSL-VPN when integrat...
LDAP authentication fails with error "user <username> not found" if using UPN to login Gateway
LDAP authentication fails if using UPN userPrincipalName to login Gateway. When running /tmp/aaad.debug log on NetScaler, the following error "user @domainname.com not found" is printed in logs. /usr/home/build/adc/usr.src/netscaler/aaad/ldapdrv.c528: receiveldapusersearchevent 0-2: ldapfirstentr...
Security update 1970-01-01
...