7 matches found
com.github.vzakharchenko:chillispot-radius-plugin (>=1.3.2 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.3.2 <=1.4.11) +48 more potentially affected by CVE-2025-13467 via org.keycloak:keycloak-ldap-federation (>=10.0.0 <=26.2.1)
org.keycloak:keycloak-ldap-federation MAVEN version =10.0.0, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =2.5.6-24.0, =0.1.0, =0.2, =6.19, =7.1 and more Source cves: CVE-2025-13467 Source advisory: OSV:GHSA-4HX9-48XH-5MXR...
Deserialization of Untrusted Data
Overview: Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the URL references when following referrals. An attacker can manipulate application behavior by configuring a malicious LDAP server and triggering deserialization of untrusted Java objects as an...
com.github.vzakharchenko:chillispot-radius-plugin (>=1.3.2 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.3.2 <=1.4.11) +34 more potentially affected by CVE-2025-0604 via org.keycloak:keycloak-ldap-federation (>=10.0.0 <=26.0.1)
org.keycloak:keycloak-ldap-federation MAVEN version =10.0.0, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =2.5.6-24.0, =0.1.0, =0.2, =1.0.0, =1.1.0 and more Source cves: CVE-2025-0604 Source advisory: OSV:GHSA-2P82-5WWR-43CW...
com.github.vzakharchenko:chillispot-radius-plugin (>=1.3.2 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.3.2 <=1.4.11) +28 more potentially affected by CVE-2024-5967 via org.keycloak:keycloak-ldap-federation (>=10.0.0 <=22.0.1)
org.keycloak:keycloak-ldap-federation MAVEN version =10.0.0, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =0.1.0, =0.2, =1.0.0, =12.0.0, =1.0-beta-4, =18.0.0, =22.0.1 and more Source cves: CVE-2024-5967 Source advisory: OSV:GHSA-C25H-C27Q-5QPV...
LDAP Injection
keycloak-ldap-federation and keycloak-services are vulnerable to LDAP Injection. The vulnerability is due to the getFilterById function in LDAPOperationManager.java and the getUserFromForm function in AbstractUsernameFormAuthenticator.java. This allows an attacker to manipulate the LDAP query in...
com.github.vzakharchenko:chillispot-radius-plugin (>=1.3.2 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.3.2 <=1.4.11) +28 more potentially affected by CVE-2022-2232 via org.keycloak:keycloak-ldap-federation (>=10.0.0 <=23.0.0)
org.keycloak:keycloak-ldap-federation MAVEN version =10.0.0, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =1.3.2, =0.1.0, =0.2, =1.0.0, =12.0.0, =1.0-beta-4, =18.0.0, =23.0.0 and more Source cves: CVE-2022-2232 Source advisory: OSV:GHSA-8HC5-RMGF-QX6P...
Default credentials
A vulnerability was found in Keycloak 7.x where, when the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid, will be accepted...