Lucene search
+L

417 matches found

nessus
nessus
added 2025/11/01 12:0 a.m.5 views

Fedora 42 : sssd (2025-5f49ddd4af)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-5f49ddd4af advisory. - Fixes CVE-2025-11561 - Resolves: https://bugzilla.redhat.com/showbug.cgi?id=2402728 After startup SSSD already creates a Kerberos configuration snippet in...

8.8CVSS5.5AI score0.00756EPSS
Exploits0References2
nessus
nessus
added 2025/10/28 12:0 a.m.7 views

Amazon Linux 2023 : libipa_hbac, libipa_hbac-devel, libsss_autofs (ALAS2023-2025-1249)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1249 advisory. A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication...

8.8CVSS5.5AI score0.00756EPSS
Exploits0References4
amazon
amazon
added 2025/10/27 12:0 a.m.6 views

Important: sssd

Issue Overview: A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin sssdkrb5localauthplugin, allowing an attacker with permission to modify...

8.8CVSS6.4AI score0.00756EPSS
Exploits0
nessus
nessus
added 2025/10/26 12:0 a.m.4 views

Fedora 41 : sssd (2025-c1dfec4d73)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-c1dfec4d73 advisory. - Fixes CVE-2025-11561 - Resolves: https://bugzilla.redhat.com/showbug.cgi?id=2402728 After startup SSSD already creates a Kerberos configuration snippet in...

8.8CVSS5.5AI score0.00756EPSS
Exploits0References2
osv
osv
added 2025/10/24 2:33 p.m.4 views

OESA-2025-2518 sssd security update

Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...

8.8CVSS7.1AI score0.00756EPSS
Exploits0References2
osv
osv
added 2025/10/24 2:33 p.m.6 views

OESA-2025-2516 sssd security update

Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...

8.8CVSS7.1AI score0.00756EPSS
Exploits0References2
osv
osv
added 2025/10/24 2:33 p.m.8 views

OESA-2025-2515 sssd security update

Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...

8.8CVSS7.1AI score0.00756EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2025/10/24 12:0 a.m.4 views

CVE-2025-60419

An issue was discovered in the NDIS Usermode IO driver RtkIOAC60.sys, version 6.0.5600.16348 allowing local authenticated attackers to send a crafted IOCTL request to the driver to cause a denial of service...

6AI score0.00121EPSS
Exploits0References1
osv
osv
added 2025/10/21 7:21 p.m.6 views

CVE-2025-56800

Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned via a modifiable...

5.1CVSS5.8AI score0.00242EPSS
Exploits2References2
euvd
euvd
added 2025/10/21 12:0 a.m.5 views

EUVD-2025-35227

Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned via a modifiable...

5.1CVSS6.2AI score0.00242EPSS
Exploits2References2
githubexploit
githubexploit
added 2025/10/18 3:18 p.m.200 views

Exploit for CVE-2025-56800

CVE-2025-56800 Local Authentication Bypass Vulnerability i...

7.2AI score0.00242EPSS
Exploits2
redhatcve
redhatcve
added 2025/10/15 3:47 p.m.5 views

CVE-2025-58325

An Incorrect Provision of Specified Functionality vulnerability CWE-684 in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, 6.4 all versions may allow a local authenticated attacker to execute system commands via crafted CLI commands...

8.2CVSS7AI score0.00288EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/10/14 12:0 a.m.6 views

PT-2025-41965

Name of the Vulnerable Software and Affected Versions FortiOS versions 6.4 all versions FortiOS versions 7.0.0 through 7.0.15 FortiOS versions 7.2.5 through 7.2.10 FortiOS versions 7.4.0 through 7.4.5 FortiOS version 7.6.0 Description An issue exists in FortiOS where a local authenticated attacke...

8.2CVSS6.6AI score0.00288EPSS
Exploits0References4
nessus
nessus
added 2025/10/13 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-11561

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos...

8.8CVSS7.4AI score0.00756EPSS
Exploits0References3
osv
osv
added 2025/10/09 2:15 p.m.5 views

DEBIAN-CVE-2025-11561

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

8.8CVSS5.9AI score0.00756EPSS
Exploits0References1
nvd
nvd
added 2025/10/09 2:15 p.m.6 views

CVE-2025-11561

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

8.8CVSS0.00756EPSS
Exploits0References28
osv
osv
added 2025/10/09 2:15 p.m.9 views

UBUNTU-CVE-2025-11561

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

8.8CVSS7.2AI score0.00756EPSS
Exploits0References4
debiancve
debiancve
added 2025/10/09 1:37 p.m.5 views

CVE-2025-11561

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

8.8CVSS5.9AI score0.00756EPSS
Exploits0
cve
cve
added 2025/10/09 1:37 p.m.37 views

CVE-2025-11561

CVE-2025-11561 affects the System Security Services Daemon (SSSD) on Linux in default AD integration configurations. A fallback path from the Kerberos local authentication plugin (sssd_krb5_localauth_plugin) to the an2ln plugin can be taken if AD attributes (e.g., userPrincipalName or samAccountN...

8.8CVSS6.1AI score0.00756EPSS
Exploits0References28
cvelist
cvelist
added 2025/10/09 1:37 p.m.12 views

CVE-2025-11561 Sssd: sssd default kerberos configuration allows privilege escalation on ad-joined linux systems

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

8.8CVSS0.00756EPSS
Exploits0References28
Rows per page
Query Builder