11 matches found
EUVD-2021-1841
Malware in sbrugna...
CVE-2024-56317
In Matter aka connectedhomeip or Project CHIP through 1.4.0.0, the WriteAcl function deletes all existing ACL entries first, and then attempts to recreate them based on user input. If input validation fails during decoding, the process stops, and no entries are restored by...
The vulnerability of the access control service for remote catalogs and the SSSD authentication mechanism, related to incorrect authorization, allows a perpetrator to trigger a service failure.
The vulnerability of the access control service for remote catalogs and the SSSD authentication mechanism are related to a status error that causes the GPO policy not to be applied consistently to authenticated users. Exploiting this vulnerability could allow a malicious actor to cause service...
The vulnerability of the sssctl command in the access control service allows attackers to gain access to sensitive data, compromise its integrity, and cause service failures.
The vulnerability of the sssctl command in the access control service, which manages access to remote directories and the SSSD authentication mechanism, is related to the lack of measures for input data cleansing. Exploiting this vulnerability could allow a malicious actor to gain access to...
The vulnerability of the ssedb_search_user_by_upn_res() function in the access control service for remote directories and the authentication mechanism sssd allows a intruder to gain unauthorized access to protected information.
The vulnerability of the ssedbsearchuserbyupnres function of the access control service for remote directories and the sssd authentication mechanism is related to insufficient validation of input data when querying the local cache that stores password hashes. Exploiting this vulnerability could...
CVE-2014-3820
Cross-site scripting XSS vulnerability in the SSL VPN/UAC web server in the Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS 7.1 before 7.1r16, 7.4 before 7.4r3, and 8.0 before 8.0r1 and the Juniper Junos Pulse Access Control Service devices with UAC OS 4.1 before 4.1r8, 4.4...
CVE-2014-3812
The Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service UAC before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain...
CVE-2014-3812
The CVE-2014-3812 issue affects Juniper Junos Pulse Secure Access Service (SSL VPN) IVE OS (<7.4r5) and 8.x (<8.0r1) and Junos Pulse Access Control Service (UAC) (<4.4r5) / 5.x (
CVE-2013-5650
Junos Pulse Secure Access Service IVE 7.1 before 7.1r5, 7.2 before 7.2r10, 7.3 before 7.3r6, and 7.4 before 7.4r3 and Junos Pulse Access Control Service UAC 4.1 before 4.1r8.1, 4.2 before 4.2r5, 4.3 before 4.3r6 and 4.4 before 4.4r3, when a hardware SSL acceleration card is enabled, allows remote...
Design/Logic Flaw
Junos Pulse Secure Access Service IVE 7.1 before 7.1r5, 7.2 before 7.2r10, 7.3 before 7.3r6, and 7.4 before 7.4r3 and Junos Pulse Access Control Service UAC 4.1 before 4.1r8.1, 4.2 before 4.2r5, 4.3 before 4.3r6 and 4.4 before 4.4r3, when a hardware SSL acceleration card is enabled, allows remote...
Design/Logic Flaw
Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS 7.0r2 through 7.0r8 and 7.1r1 through 7.1r5 and Junos Pulse Access Control Service aka UAC with UAC OS 4.1r1 through 4.1r5 include a test Certification Authority CA certificate in the Trusted Server CAs list, which makes it easier...