Lucene search
K

22 matches found

Vulnrichment
Vulnrichment
added 6 days ago6 views

CVE-2026-12610 Sssd: use-after-free crash in sssd' 'sssd_pam' process

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 6 days ago8 views

CVE-2026-12610

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/15 9:30 p.m.24 views

EUVD-2026-23032

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References3
CVE
CVE
added 2026/04/15 6:35 p.m.24 views

CVE-2026-6245

CVE-2026-6245 affects the System Security Services Daemon (SSSD) PAM passkey responder. The pam_passkey_child_read_data() function mishandles raw bytes from a pipe, treating them as a NUL-terminated C string, causing an out-of-bounds read (Crash) and local DoS. Affected: SSSD PAM responder; vecto...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/15 6:35 p.m.1 views

CVE-2026-6245 Sssd: out-of-bounds read in the sssd

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2021/12/21 9:7 a.m.11 views

sssd bug fix and enhancement update

An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon SSSD service provides a set of daemons to...

0.5AI score
Exploits0
AlmaLinux
AlmaLinux
added 2021/12/21 9:7 a.m.23 views

sssd bug fix and enhancement update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

7.1AI score
Exploits0
OSV
OSV
added 2021/12/21 9:7 a.m.11 views

ALBA-2021:5228 sssd bug fix and enhancement update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.30 views

Scientific Linux Security Update : sssd on SL5.x i386/x86_64

The System Security Services Daemon SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back-end system to connect to multiple different account sources. It is also the basis to...

2.1CVSS5.4AI score0.00486EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.25 views

CentOS Update for sssd CESA-2011:0975 centos5 x86_64

Check for the Version of sssd OpenVAS Vulnerability Test CentOS Update for sssd CESA-2011:0975 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

2.1CVSS6.3AI score0.00486EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/06/06 12:0 a.m.26 views

RedHat Update for sssd RHSA-2011:0560-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

2.1CVSS6.5AI score0.00486EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2012/06/06 12:0 a.m.26 views

RedHat Update for sssd RHSA-2011:0560-01

Check for the Version of sssd OpenVAS Vulnerability Test RedHat Update for sssd RHSA-2011:0560-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

2.1CVSS6.3AI score0.00486EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2011/09/23 12:0 a.m.26 views

CentOS Update for sssd CESA-2011:0975 centos5 i386

Check for the Version of sssd OpenVAS Vulnerability Test CentOS Update for sssd CESA-2011:0975 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

2.1CVSS6.3AI score0.00486EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2011/09/23 12:0 a.m.22 views

CentOS Update for sssd CESA-2011:0975 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.1CVSS5.2AI score0.00486EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2011/07/22 12:0 a.m.24 views

RHEL 5 : sssd (RHSA-2011:0975)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:0975 advisory. The System Security Services Daemon SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides ...

2.1CVSS5.6AI score0.00486EPSS
Exploits0References41
RedHat Linux
RedHat Linux
added 2011/05/19 11:18 a.m.61 views

sssd: DoS in sssd PAM responder can prevent logins

The pamparseindatav2 function in src/responder/pam/pamsrvcmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service infinite loop, crash, and login prevention via a crafted packet...

2.1CVSS5.8AI score0.00486EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2011/05/19 11:18 a.m.29 views

Low: Red Hat Security Advisory: sssd security, bug fix, and enhancement update

Updated sssd packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which give...

2.1CVSS5.8AI score0.00486EPSS
Exploits0References58
NVD
NVD
added 2011/01/25 1:0 a.m.21 views

CVE-2010-4341

The pamparseindatav2 function in src/responder/pam/pamsrvcmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service infinite loop, crash, and login prevention via a crafted packet...

2.1CVSS5.8AI score0.00486EPSS
Exploits0References13
OSV
OSV
added 2011/01/25 1:0 a.m.1 views

DEBIAN-CVE-2010-4341

The pamparseindatav2 function in src/responder/pam/pamsrvcmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service infinite loop, crash, and login prevention via a crafted packet...

2.1CVSS6.4AI score0.00486EPSS
Exploits0References1
OSV
OSV
added 2011/01/25 1:0 a.m.5 views

CVE-2010-4341

The pamparseindatav2 function in src/responder/pam/pamsrvcmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service infinite loop, crash, and login prevention via a crafted packet...

5.8AI score
Exploits0References13
Rows per page
Query Builder