Lucene search
K

2106 matches found

OSV
OSV
added 2025/11/05 9:0 a.m.2 views

RLSA-2025:19610 Important: sssd security update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

8.8CVSS7.7AI score0.00756EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.4 views

RockyLinux 8 : sssd (RLSA-2025:19610)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:19610 advisory. sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems CVE-2025-11561 Tenable has extracted the preceding description...

8.8CVSS5.5AI score0.00756EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/11/04 10:48 a.m.4 views

sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

8.8CVSS5.8AI score0.00756EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/11/04 10:48 a.m.5 views

Important: Red Hat Security Advisory: sssd security update

An update for sssd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.8CVSS6.9AI score0.00756EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2025/11/04 12:0 a.m.5 views

Important: sssd security update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

8.8CVSS7.7AI score0.00756EPSS
Exploits0References4
OSV
OSV
added 2025/11/04 12:0 a.m.3 views

ALSA-2025:19610 Important: sssd security update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

8.8CVSS7.7AI score0.00756EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/11/03 12:0 a.m.0 views

Fedora: Security Advisory (FEDORA-2025-5f49ddd4af)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.8AI score0.00756EPSS
Exploits0References3
OSV
OSV
added 2025/10/31 2:13 p.m.7 views

OESA-2025-2579 sssd security update

SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms such as LDAP, Kerberos or FreeIPA. It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources. Security Fixes: A flaw was...

8.8CVSS7.1AI score0.00756EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/27 9:32 a.m.6 views

EUVD-2025-36142

A weakness has been identified in code-projects Online Event Judging System 1.0. This vulnerability affects unknown code of the file /editcontestant.php. Executing manipulation of the argument contestantid can lead to sql injection. The attack can be executed remotely. The exploit has been made...

6.5CVSS6.7AI score0.00396EPSS
Exploits1References6
Amazon
Amazon
added 2025/10/27 12:0 a.m.6 views

Important: sssd

Issue Overview: A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin sssdkrb5localauthplugin, allowing an attacker with permission to modify...

8.8CVSS6.6AI score0.00756EPSS
Exploits0
Amazon
Amazon
added 2025/10/27 12:0 a.m.5 views

Important: sssd

Issue Overview: A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin sssdkrb5localauthplugin, allowing an attacker with permission to modify...

8.8CVSS6.4AI score0.00756EPSS
Exploits0
OSV
OSV
added 2025/10/24 2:33 p.m.4 views

OESA-2025-2518 sssd security update

Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...

8.8CVSS7.1AI score0.00756EPSS
Exploits0References2
OSV
OSV
added 2025/10/24 2:33 p.m.8 views

OESA-2025-2515 sssd security update

Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...

8.8CVSS7.1AI score0.00756EPSS
Exploits0References2
OSV
OSV
added 2025/10/24 2:33 p.m.5 views

OESA-2025-2514 sssd security update

Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...

8.8CVSS7.1AI score0.00756EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/10/22 2:15 p.m.2 views

CVE-2022-50557

In the Linux kernel, the following vulnerability has been resolved: pinctrl: thunderbay: fix possible memory leak in thunderbaybuildfunctions The thunderbayaddfunctions will free memory of thunderbayfuncs when everything is ok, but thunderbayfuncs will not be freed when thunderbayaddfunctions...

5.7AI score0.00193EPSS
Exploits0References5
ICS
ICS
added 2025/10/16 6:0 a.m.5 views

Rockwell Automation ArmorStart AOP

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on the affected product. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:...

8.7CVSS6.6AI score0.00353EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/10/13 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-11561

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos...

8.8CVSS7.4AI score0.00756EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/10/09 11:27 p.m.4 views

SUSE CVE-2025-11561

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

8.8CVSS6.5AI score0.00756EPSS
Exploits0References20
NVD
NVD
added 2025/10/09 2:15 p.m.6 views

CVE-2025-11561

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

8.8CVSS0.00756EPSS
Exploits0References28
OSV
OSV
added 2025/10/09 2:15 p.m.9 views

UBUNTU-CVE-2025-11561

A flaw was found in the integration of Active Directory and the System Security Services Daemon SSSD on Linux systems. In default configurations, the Kerberos local authentication plugin sssdkrb5localauthplugin is enabled, but a fallback to the an2ln plugin is possible. This fallback allows an...

8.8CVSS7.2AI score0.00756EPSS
Exploits0References4
Rows per page
Query Builder