
8 matches found

Tenable Nessus
added 2026/05/06 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2026-7412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated...

CVSS 8.6, AI score 6, EPSS 0.00516
Exploits 0, References 2
ATTACKERKB
added 2026/04/26 2:48 a.m., 5 views

CVE-2026-42255

Technitium DNS Server before 15.0 allows DNS traffic amplification via cyclic name server delegation...

CVSS 7.2, AI score 5.2, EPSS 0.00207
Exploits 0, References 2
RedHat Linux
added 2024/06/10 2:24 p.m., 4 views

freeipa: delegation rules allow a proxy service to impersonate any user to access another target service

A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake required adding a special case for the check_allowed_to_delegate function: If the target service...

CVSS 8.8, AI score 5.8, EPSS 0.00667
Exploits 0, References 5
RedHat Linux
added 2024/01/10 1:17 p.m., 15 views

Kerberos: delegation constrain bypass in S4U2Proxy

It was found that the Kerberos Key Distribution Center (KDC) delegation feature, Service for User (S4U), did not sufficiently protect the tickets it's providing from tampering. A malicious, authenticated service principal allowed to delegate could use this flaw to impersonate a non-forwardable user...

CVSS 9, AI score 6.5, EPSS 0.13794
Exploits 0, References 5
RedHat Linux
added 2024/01/10 12:33 p.m., 43 views

Kerberos: delegation constrain bypass in S4U2Proxy

It was found that the Kerberos Key Distribution Center (KDC) delegation feature, Service for User (S4U), did not sufficiently protect the tickets it's providing from tampering. A malicious, authenticated service principal allowed to delegate could use this flaw to impersonate a non-forwardable user...

CVSS 9, AI score 6.5, EPSS 0.13794
Exploits 0, References 5
HackRead
added 2023/11/28 3:8 p.m., 20 views

Hunters Security: Google Workspace Vulnerable to Takeover Due to Domain-Wide Delegation Flaw

By Owais Sultan. Dubbed "DeleFriend," the vulnerability enables attackers to manipulate GCP and Google Workspace delegations without needing the high-privilege Super Admin role on Workspace. This is a post from HackRead.com. Read the original post: Hunters Security: Google Workspace Vulnerable to...

AI score 7.2
Exploits 0
RedHat Linux
added 2021/10/20 1:47 p.m., 7 views

OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation (Libraries, 8266689)

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows low privileged attack...

CVSS 6.8, AI score 7.4, EPSS 0.027
Exploits 0, References 4
RedHat Linux
added 2014/12/12 3:41 a.m., 9 views

bind: delegation handling denial of service

A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash...

CVSS 7.8, AI score 6.8, EPSS 0.65683
Exploits 0, References 5