Lucene search
K

200 matches found

Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-12610

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is...

6.4CVSS5.9AI score0.00155EPSS
Exploits0References4
OSV
OSV
added 2026/06/30 10:16 a.m.4 views

DEBIAN-CVE-2026-12610

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.7AI score0.00155EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 10:16 a.m.2 views

UBUNTU-CVE-2026-12610

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/30 8:27 a.m.7 views

EUVD-2026-40268

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 8:27 a.m.13 views

CVE-2026-12610

The CVE-2026-12610 issue affects the SSSD project, specifically the PAM responder path used during YubiKey authentication. A use-after-free in the PAM responder can cause the sssd process to crash when handling memory pointers manipulated via smartcards or YubiKey contents, leading to a denial of...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References3Affected Software2
Vulnrichment
Vulnrichment
added 2026/06/30 8:27 a.m.8 views

CVE-2026-12610 Sssd: use-after-free crash in sssd' 'sssd_pam' process

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 8:27 a.m.34 views

CVE-2026-12610 Sssd: use-after-free crash in sssd' 'sssd_pam' process

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS0.00155EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/30 8:26 a.m.8 views

CVE-2026-12610

A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of servi...

6.4CVSS5.8AI score0.00155EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.12 views

CVE-2026-40947

Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path...

2.9CVSS5.5AI score0.00131EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/04/16 11:27 p.m.5 views

SUSE CVE-2026-40947

Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path...

2.9CVSS5.8AI score0.00131EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/16 12:54 a.m.10 views

EUVD-2026-23135

Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path...

2.9CVSS5.8AI score0.00131EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/16 12:29 a.m.7 views

aws-credential-process (=0.20.0), aws-session-daemon (>=0.1.0 <=0.6.0) +2 more potentially affected by CVE-2026-40947 via yubikey-manager (>=5.0.0 <=5.1.1)

yubikey-manager PYPI version =5.0.0, =0.1.0, =1.0.0, =1.6.6 Source cves: CVE-2026-40947 Source advisory: SNYK:PYTHON-YUBIKEYMANAGER-16325204...

2.9CVSS5.8AI score0.00131EPSS
Exploits0
Snyk
Snyk
added 2026/04/16 12:29 a.m.6 views

Untrusted Search Path

Overview yubikey-manager is a Library and CLI for managing your YubiKey configuration. Affected versions of this package are vulnerable to Untrusted Search Path due to the unintended search order for dynamic link libraries. An attacker can execute arbitrary code by placing a malicious DLL in a...

2.9CVSS6.2AI score0.00131EPSS
Exploits0References2
NVD
NVD
added 2026/04/16 12:16 a.m.6 views

CVE-2026-40947

Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path...

2.9CVSS0.00131EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.10 views

Yubico多款产品 安全漏洞

Libfido2 and others are products open-sourced by Yubico. Libfido2 is a FIDO device communication library. Python-Fido2 is a library for implementing FIDO2 protocol clients and servers. YubiKey-Manager is a configuration management tool for YubiKeys. Several Yubico products have security...

2.9CVSS5.8AI score0.00131EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/15 11:13 p.m.34 views

CVE-2026-40947

Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path...

2.9CVSS0.00131EPSS
Exploits0References1
CVE
CVE
added 2026/04/15 11:13 p.m.21 views

CVE-2026-40947

Affected software components are Yubico libfido2 (before 1.17.0), python-fido2 (before 2.2.0), and yubikey-manager (before 5.9.1). The issue is an unintended DLL search path, as described in CVE-2026-40947. The CVSS vector is CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N, with a base score of 2.9 ...

2.9CVSS5.8AI score0.00131EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/15 11:13 p.m.5 views

CVE-2026-40947

Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path...

2.9CVSS5.8AI score0.00131EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/15 11:13 p.m.5 views

CVE-2026-40947

Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path...

2.9CVSS5.8AI score0.00131EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/15 11:13 p.m.2 views

CVE-2026-40947

Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path...

2.9CVSS5.3AI score0.00131EPSS
Exploits0
Rows per page
Query Builder