8 matches found
CVE-2026-45108
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Authorization Grant DAG flow that allowed a user within the same Entra ID domain to obtain a local Unix...
postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code
Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...
GHSA-4685-2X5R-65PJ Pebble service manager's file pull API allows access by any user
Impact Note: "Pebble" here refers to Canonical's service manager, not the Let's Encrypt ACME test server. The API behind pebble pull, used to read files from the workload container by Juju charms, allows access from any user, instead of just admin. In Juju Kubernetes sidecar charms, Pebble and th...
Pebble service manager's file pull API allows access by any user
Impact Note: "Pebble" here refers to Canonical's service manager, not the Let's Encrypt ACME test server. The API behind pebble pull, used to read files from the workload container by Juju charms, allows access from any user, instead of just admin. In Juju Kubernetes sidecar charms, Pebble and th...
VMware vRealize Operations (vROps) Manager SSRF RCE
This module exploits a pre-auth SSRF CVE-2021-21975 and post-auth file write CVE-2021-21983 in VMware vRealize Operations Manager to leak admin creds and write/execute a JSP payload. CVE-2021-21975 affects the /casa/nodes/thumbprints endpoint, and CVE-2021-21983 affects the...
USN-2742-1 openldap vulnerabilities
Denis Andzakovic discovered that OpenLDAP incorrectly handled certain BER data. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2015-6908 Dietrich Clauss discovered that the OpenLDAP package incorrectly shipped with a potentially...
Fedora Core 2 : krb5-1.3.3-7 (2004-150)
Bugs have been fixed in the krb5anametolocalname library function. Specifically, buffer overflows were possible for all Kerberos versions up to and including 1.3.3. The krb5anametolocalname function translates a Kerberos principal name to a local account name, typically a UNIX username. This...
Moderate: Red Hat Security Advisory: krb5 security update
Updated Kerberos 5 krb5 packages which correct buffer overflows in the krb5anametolocalname function are now available. Kerberos is a network authentication system. Bugs have been fixed in the krb5anametolocalname library function. Specifically, buffer overflows were possible for all Kerberos...