SUSE CVE-2019-10171

It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service...

CVE-2025-14648

CVE-2025-14648 affects DedeBIZ up to 6.5.9. The vulnerability is in the file /src/admin/catalog_add.php, where manipulation leads to a remote command injection . Several sources confirm the attack can be launched remotely and that the exploit has been disclosed publicly. The Red Hat and EU ENISA ...

EUVD-2019-2202

Malware in sbrugna...

CVE-2020-14648

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Orac...

Linux Distros Unpatched Vulnerability : CVE-2018-14648

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated...

GLSA-202107-18 : BladeEnc: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-202107-18 BladeEnc: Buffer overflow A crafted file could cause a buffer overflow in the iterationloop function in BladeEnc. Impact : A remote attacker could entice a user to open a specially crafted using BladeEnc, possibly...

Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2021-1058)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for virtualbox (openSUSE-SU-2020:1511-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for virtualbox (openSUSE-SU-2020:1486-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Oracle VM VirtualBox (Jul 2020 CPU)

The Prior to 5.2.44, prior to 6.0.24, and prior to 6.1.12 versions of VM VirtualBox installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2020 CPU advisory. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core...

CVE-2020-14648

CVE-2020-14648 affects Oracle VM VirtualBox (Core). Affected releases are VirtualBox prior to 5.2.44, prior to 6.0.24, and prior to 6.1.12. The issue is described as a difficult-to-exploit vulnerability in the VirtualBox core that could allow a high-privilege attacker with logon to the infrastruc...

Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1440)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2018-1439)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : 389-ds (SUSE-SU-2019:2155-1)

This update for 389-ds to version 1.4.0.26 fixes the following issues : Security issues fixed : CVE-2016-5416: Fixed an information disclosure where a anonymous user could read the default ACI bsc991201. CVE-2018-1054: Fixed a denial of service via search filters in SetUnicodeStringFromUTF8...

NewStart CGSL CORE 5.04 / MAIN 5.04 : 389-ds-base Vulnerability (NS-SA-2019-0062)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has 389-ds-base packages installed that are affected by a vulnerability: - It was found that a specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could u...

Code injection

It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service...

CVE-2019-10171

It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service...

Denial Of Service (DoS)

389-ds-base is vulnerable to denial of service. It was found that a malicious search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could use this flaw to provoke a denial of service. This vulnerability exists due to an insufficient fix for...

389-ds-base: Insufficient fix for CVE-2018-14648 denial of service in RHEL-7.5

It was found that the fix for CVE-2018-14648 was incorrectly applied in RHEL 7.5. An attacker would still be able to provoke excessive CPU consumption leading to a denial of service...

Amazon Linux AMI : 389-ds-base (ALAS-2018-1106)

It was found that a specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could use this flaw to provoke a denial of service.CVE-2018-14648 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...