CVE-2025-62795 JumpServer Unauthorized LDAP Configuration Access via WebSocket

JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to v3.10.21-lts and v4.10.12-lts, a low-privileged authenticated user can invoke LDAP configuration tests and start LDAP synchronization by sending crafted messages to the /ws/ldap/ WebSocket...

PT-2021-7361 · Sudo +8 · Sudo +8

Name of the Vulnerable Software and Affected Versions: Sudo versions prior to 1.9.5 Description: The issue is related to the sudoedit personality of Sudo, which may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a race condition in replacing a...

SUSE SLES12 Security Update : python-cffi, python-cryptography (SUSE-SU-2020:0792-1)

This update for python-cffi, python-cryptography fixes the following issues : Security issue fixed : CVE-2018-10903: Fixed GCM tag forgery via truncated tag in finalizewithtag API bsc1101820. Non-security issues fixed : python-cffi was updated to 1.11.2 bsc1138748, jscECO-1256, jscPM-1598: fixed ...