Lucene search
K

5 matches found

Snyk
Snyk
added 2026/04/14 8:6 p.m.8 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the APICall feature. An attacker can access sensitive internal resources and exfiltrate confidential data by supplying arbitrary URLs to the APICall feature, which are executed with elevated privilege...

7.7CVSS5.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 7 : sssd-1.16.4-21.el7 (AXSA:2019-4334:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4334:02 advisory. sssd: fallbackhomedir returns '/' for empty home directories in passwd file CVE-2019-3811 sssd: improper implementation of GPOs due to too restricti...

5.5CVSS6.2AI score0.01122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.1 views

SUSE CVE-2018-16838

A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access...

5.4CVSS6.4AI score0.01122EPSS
Exploits0References8
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/02/23 6:32 a.m.86 views

Feature and Permission Policies. Security issues

Introduction In order to help enhance the user experience of their site, companies may ask to use features of your browser, such as geolocation or notifications to produce a more tailored experience. Web site developers may configure the site or allow third-party content, loaded in frames, to use...

6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2015/03/05 9:38 a.m.5 views

krb5: NULL pointer dereference when using a ticket policy name as a password policy name

If kadmind were used with an LDAP back end for the KDC database, a remote, authenticated attacker who has the permissions to set the password policy could crash kadmind by attempting to use a named ticket policy object as a password policy for a principal...

3.5CVSS7.2AI score0.04968EPSS
Exploits0References4
Rows per page
Query Builder