Lucene search
K

4 matches found

OSV
OSV
added 2026/04/15 2:14 p.m.4 views

SUSE-SU-2026:1361-1 Security update for himmelblau

This update for himmelblau fixes the following issues: Update to version 2.3.9+git0.a9fd29b; jscPED-14511: - CVE-2026-34397: Fix LPE due to name collision during NSS fake-primary group lookup bsc1261324. - CVE-2026-31979: Fix race condition when accessiung /tmp/krb5ccuid bsc1259548. -...

8.8CVSS6.1AI score0.00707EPSS
Exploits4References16
OPENSUSE Linux
OPENSUSE Linux
added 2025/07/05 12:0 a.m.9 views

himmelblau-0.9.17+git.0.4a97692-1.1 on GA media (moderate)

himmelblau-0.9.17+git.0.4a97692-1.1 on GA media Announcement ID: openSUSE-SU-2025:15229-1 Rating: moderate Cross-References: CVE-2025-53013 CVSS scores: CVE-2025-53013 SUSE : 5.2 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N CVE-2025-53013 SUSE : 4.3...

5.2CVSS6.5AI score0.00202EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/28 6:24 p.m.8 views

CVE-2025-53013

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an invalid Linux Hello PIN, provided the host is offline. While the user gains access to th...

5.2CVSS6.5AI score0.00202EPSS
Exploits0References1
CVE
CVE
added 2025/06/26 6:2 p.m.19 views

CVE-2025-53013

Summary (CVE-2025-53013, Himmelblau) : Versions 0.9.10–0.9.16 allow offline authentication to a Linux host via Himmelblau using an invalid Linux Hello PIN. The root cause is an incorrect handling in acquire_token_by_hello_for_business_key: offline, a TPMFail is expected for an invalid key, but a ...

5.2CVSS7AI score0.00202EPSS
Exploits0References5
Rows per page
Query Builder