11 matches found
SUSE SLED15 / SLES15 Security Update : himmelblau (SUSE-SU-2026:1361-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1361-1 advisory. Update to version 2.3.9+git0.a9fd29b; jscPED-14511: - CVE-2026-34397: Fix LPE due to name collision during NSS...
EUVD-2025-19217
Malicious code in bioql PyPI...
CVE-2025-53013
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an invalid Linux Hello PIN, provided the host is offline. While the user gains access to th...
SUSE CVE-2025-53013
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an invalid Linux Hello PIN, provided the host is offline. While the user gains access to th...
CVE-2025-53013
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an invalid Linux Hello PIN, provided the host is offline. While the user gains access to th...
CVE-2025-53013
Summary (CVE-2025-53013, Himmelblau) : Versions 0.9.10–0.9.16 allow offline authentication to a Linux host via Himmelblau using an invalid Linux Hello PIN. The root cause is an incorrect handling in acquire_token_by_hello_for_business_key: offline, a TPMFail is expected for an invalid key, but a ...
CVE-2025-53013 Himmelblau offline auth permits authentication with invalid Hello PIN
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an invalid Linux Hello PIN, provided the host is offline. While the user gains access to th...
CVE-2025-53013 Himmelblau offline auth permits authentication with invalid Hello PIN
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an invalid Linux Hello PIN, provided the host is offline. While the user gains access to th...
CVE-2025-53013 Himmelblau offline auth permits authentication with invalid Hello PIN
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. A vulnerability present in versions 0.9.10 through 0.9.16 allows a user to authenticate to a Linux host via Himmelblau using an invalid Linux Hello PIN, provided the host is offline. While the user gains access to th...
PT-2025-27005
Name of the Vulnerable Software and Affected Versions: Himmelblau versions 0.9.10 through 0.9.16 Description: A vulnerability in Himmelblau allows a user to authenticate to a Linux host using an invalid Linux Hello PIN when the host is offline. This issue arises from an incorrect assumption in th...
Himmelblau 授权问题漏洞
Himmelblau is an Azure Entra ID authentication module open-sourced by Himmelblau. An authorization issue vulnerability exists in Himmelblau versions 0.9.10 to 0.9.16, which stems from an invalid Linux Hello PIN authentication that can be used while offline...