Lucene search
K

14 matches found

OSV
OSV
added 2026/05/16 12:20 p.m.7 views

CLSA-2026-1778934026 Fix CVE(s): CVE-2026-42010

SECURITY UPDATE: Authentication bypass via NUL-byte truncation in RSA-PSK username lookup - debian/patches/CVE-2026-42010.patch: replace strleninfo-username with info-usernamelen in gnutlsprocrsapskclientkx in lib/auth/rsapsk.c to prevent NUL-byte truncation allowing username matching with...

9.8CVSS5.8AI score0.0105EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-4119

Malware in sbrugna...

6.2CVSS6.1AI score0.00341EPSS
Exploits0References13
Cvelist
Cvelist
added 2024/11/14 2:51 p.m.58 views

CVE-2022-2232 Keycloak: ldap injection on username input

A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions...

7.5CVSS0.00642EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.5 views

Red Hat Keycloak 输入验证错误漏洞

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. An input validation error vulnerability exists in Red Hat Keycloak that originates from a vulnerability that allows an attacker to perform othe...

7.5CVSS7.5AI score0.00642EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/01/09 4:9 p.m.2 views

keycloak: LDAP injection on username input

A flaw was found in the Keycloak package. This flaw allows an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions...

7.5CVSS5.7AI score0.00642EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/11/29 12:0 a.m.1 views

PT-2023-12685 · Red Hat · Keycloak

Name of the Vulnerable Software and Affected Versions: Keycloak affected versions not specified Description: A flaw was found in the Keycloak package, allowing an attacker to utilize an LDAP injection to bypass the username lookup or potentially perform other malicious actions. This flaw also...

7.5CVSS6.6AI score0.00642EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.29 views

Mandriva Update for libnfsidmap MDKSA-2007:240 (libnfsidmap)

Check for the Version of libnfsidmap OpenVAS Vulnerability Test Mandriva Update for libnfsidmap MDKSA-2007:240 libnfsidmap Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

6.2CVSS0.2AI score0.00341EPSS
Exploits0References2
securityvulns
securityvulns
added 2007/12/12 12:0 a.m.57 views

[ MDKSA-2007:240 ] - Updated libnfsidmap packages fix username lookup flaw

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:240 http://www.mandriva.com/security/ Package : libnfsidmap Date : December 7, 2007 Affected: 2007.0, Corporate 4.0 Problem Description: The NFSv4 ID mapper prior to 0.17 did not properly handle return value...

6.2CVSS6.1AI score0.00341EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2007/10/02 8:55 p.m.8 views

nfs-utils-lib NFSv4 user id mapping flaw

The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...

6.2CVSS5.8AI score0.00341EPSS
Exploits0References4
Prion
Prion
added 2007/09/05 1:17 a.m.19 views

Code injection

The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...

6.2CVSS6.4AI score0.00341EPSS
Exploits0References9Affected Software1
UbuntuCve
UbuntuCve
added 2007/09/05 1:17 a.m.34 views

CVE-2007-4135

The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...

6.2CVSS5.9AI score0.00341EPSS
Exploits0References1
OSV
OSV
added 2007/09/05 1:17 a.m.2 views

DEBIAN-CVE-2007-4135

The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...

6.2CVSS6.5AI score0.00341EPSS
Exploits0References1
OSV
OSV
added 2007/09/05 1:17 a.m.7 views

CVE-2007-4135

The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...

6.2AI score
Exploits0References10
CVE
CVE
added 2007/09/05 1:0 a.m.64 views

CVE-2007-4135

CVE-2007-4135 affects the NFSv4 ID mapper (libnfsidmap) prior to 0.17. The root cause is improper handling of return values from getpwnam_r during username lookup, which can cause a file to be reported as owned by root instead of nobody when the file exists on the server but not on the client. Pu...

6.2CVSS6AI score0.00341EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder