Lucene search
K

2103 matches found

Nuclei
Nuclei
added yesterday53 views

Lotus Domino R5 and R6 WebMail - Information Disclosure

Lotus Domino R5 and R6 WebMail with 'Generate HTML for all fields' enabled which is by default allows remote attackers to read the HTML source to obtain sensitive information including the password hash in the HTTPPassword field, the password change date in the HTTPPasswordChangeDate field, and t...

5CVSS6.1AI score0.73635EPSS
Exploits11References5
EUVD
EUVD
added last week5 views

EUVD-2026-42022

A flaw was found in SSSD's LDAP sudo provider. When the ldapsudosearchbase option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References2
CVE
CVE
added last week12 views

CVE-2026-14474

SSSD (System Security Services Daemon) LDAP sudo provider is vulnerable when ldap_sudo_search_base is not configured; SSSD will search the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object, granting root-level ...

8.8CVSS5.9AI score0.00348EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-12610

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is...

6.4CVSS5.9AI score0.00155EPSS
Exploits0References4
NVD
NVD
added 2026/06/30 10:16 a.m.10 views

CVE-2026-12610

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS0.00155EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 10:16 a.m.5 views

DEBIAN-CVE-2026-12610

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.7AI score0.00155EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 8:27 a.m.17 views

CVE-2026-12610

The CVE-2026-12610 issue affects the SSSD project, specifically the PAM responder path used during YubiKey authentication. A use-after-free in the PAM responder can cause the sssd process to crash when handling memory pointers manipulated via smartcards or YubiKey contents, leading to a denial of...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References3Affected Software2
EUVD
EUVD
added 2026/06/30 8:27 a.m.8 views

EUVD-2026-40268

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/30 8:26 a.m.13 views

CVE-2026-12610

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 1:1 p.m.4 views

EUVD-2026-39360

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...

5.9CVSS5.8AI score0.00352EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in sssd

A flaw was discovered in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Since the data is treated as a NUL-terminated C string without an explicit termination, this leads to a...

5.5CVSS6AI score0.00141EPSS
Exploits0References2
OSV
OSV
added 2026/06/18 8:34 a.m.5 views

MINI-W7CJ-CC2Q-JXF5

Bulletin has no description...

9.1CVSS4.9AI score0.00373EPSS
Exploits0
EUVD
EUVD
added 2026/06/15 10:5 a.m.14 views

EUVD-2026-36712

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key. This...

6.8CVSS5.3AI score0.0012EPSS
Exploits1References2
OSV
OSV
added 2026/06/12 11:50 a.m.5 views

ROOT-APP-NUGET-CVE-2026-33116 CVE-2026-33116 in Rootio.System.Security.Cryptography.Xml - Patched by Root

Root has patched CVE-2026-33116 in the Rootio.System.Security.Cryptography.Xml package for Root:NuGet. Multiple fixed versions available...

7.5CVSS5.2AI score0.02142EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/11 9:35 a.m.16 views

Important: Red Hat Security Advisory: bind9.18 security update

An update for bind9.18 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.5CVSS5.8AI score0.01545EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/09 3:36 p.m.13 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS8AI score0.01545EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.12 views

EulerOS Virtualization 2.10.0 : sssd (EulerOS-SA-2026-2064)

According to the versions of the sssd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default...

8.8CVSS5.5AI score0.00756EPSS
Exploits0References2
OSV
OSV
added 2026/06/01 2:5 p.m.23 views

USN-8355-1 sssd vulnerability

It was discovered that SSSD did not properly handle raw bytes in the PAM passkey responder. A local attacker could possibly use this issue to cause the SSSD PAM responder to crash, resulting in a denial of service...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/06/01 2:5 p.m.14 views

USN-8355-1: SSSD vulnerability

It was discovered that SSSD did not properly handle raw bytes in the PAM passkey responder. A local attacker could possibly use this issue to cause the SSSD PAM responder to crash, resulting in a denial of service...

5.5CVSS5.8AI score0.00141EPSS
Exploits0
OSV
OSV
added 2026/05/29 6:1 p.m.9 views

RLSA-2025:11884 Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Unbound Cache poisoning CVE-2025-5994 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE...

7.5CVSS5.8AI score0.00188EPSS
Exploits0References2
Rows per page
Query Builder