
18 matches found

Tenable Nessus
added 2026/01/16 12:0 a.m. · 4 views

MiracleLinux 7 : openldap-2.4.44-5.el7 (AXSA:2017-1911:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1911:01 advisory. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing...

6.5 CVSS · 6.9 AI score · 0.2275 EPSS
Exploits 1 · References 2
RedhatCVE
added 2025/02/05 10:13 a.m. · 4 views

CVE-2024-3242

The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension validation in the validateImageContent function called via storeImages in all versions up to, and including, 2.4.43. This makes it possible for authenticated attackers, with...

8.8 CVSS · 7.6 AI score · 0.06631 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/07/16 12:0 a.m. · 3 views

PT-2024-18436 · WordPress · Brizy

Name of the Vulnerable Software and Affected Versions: Brizy – Page Builder plugin for WordPress versions up to, and including, 2.4.44. Description: The issue allows authenticated attackers with contributor access and above to modify the content of arbitrary published posts due to a missing...

7.1 CVSS · 6.8 AI score · 0.00164 EPSS
Exploits 0 · References 6
OSV
added 2024/06/15 12:0 a.m. · 13 views

OPENSUSE-SU-2024:10012-1 libldap-2_4-2-2.4.44-22.1 on GA media

These are all security issues fixed in the libldap-2_4-2-2.4.44-22.1 package on the GA media of openSUSE Tumbleweed...

5 CVSS · 4.4 AI score · 0.70513 EPSS
Exploits 1 · References 1
Patchstack
added 2024/05/23 12:0 a.m. · 11 views

WordPress Brizy Plugin <= 2.4.43 is vulnerable to Broken Access Control

Software: Brizy; Type: Plugin; Vulnerable versions: <= 2.4.43; Fixed in: 2.4.44; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-3711; Patch priority: Low; CVSS severity: Low 4.3; Developer: Claim ownership; PSID: 6a9b9ee44fc3; Credits: Lucio Sá; Required privilege: Contributo...

4.3 CVSS · 6.6 AI score · 0.00273 EPSS
Exploits 0 · References 3 · Affected Software 1
Tenable Nessus
added 2022/04/06 12:0 a.m. · 82 views

Amazon Linux 2 : openldap (ALAS-2022-1770)

The version of openldap installed on the remote host is prior to 2.4.44-23. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1770 advisory. A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP'...

7.5 CVSS · 7.3 AI score · 0.35675 EPSS
Exploits 0 · References 5
Rosalinux
added 2021/07/02 5:36 p.m. · 25 views

Advisory ROSA-SA-2021-1935

Software: openldap 2.4.44; OS: Cobalt 7.9; CVE-ID: CVE-2017-14159; CVE-Crit: MEDIUM; CVE-DESC: slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping the privileges of a non-root account, which could allow local users to kill arbitrary processes using access to that non-root account t...

7.5 CVSS · 8.1 AI score · 0.7152 EPSS
Exploits 1
Oracle linux
added 2021/04/28 12:0 a.m. · 349 views

openldap security update

2.4.44-23 - Fix CVE-2020-25692 openldap: NULL pointer dereference for unauthenticated packet in slapd 1895328...

7.5 CVSS · 2.3 AI score · 0.04749 EPSS
Exploits 0
Debian
added 2021/02/03 10:5 a.m. · 94 views

[SECURITY] [DLA 2544-1] openldap security update

Debian LTS Advisory DLA-2544-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta February 03, 2021 https://wiki.debian.org/LTS ...

7.5 CVSS · 8.8 AI score · 0.7152 EPSS
Exploits 0
Debian
added 2020/12/04 5:35 p.m. · 96 views

[SECURITY] [DLA 2481-1] openldap security update

Debian LTS Advisory DLA-2481-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 04, 2020 https://wiki.debian.org/LTS ...

7.5 CVSS · 8.6 AI score · 0.35675 EPSS
Exploits 0
Oracle linux
added 2020/10/06 12:0 a.m. · 32 views

openldap security update

2.4.44-22 - Fix CVE-2020-12243 openldap: denial of service via nested boolean expressions in LDAP search filters 1838405...

7.5 CVSS · 3 AI score · 0.11875 EPSS
Exploits 1
OpenVAS
added 2020/09/29 12:0 a.m. · 37 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-2018)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

9.8 CVSS · 8.9 AI score · 0.7629 EPSS
Exploits 4 · References 2
Microsoft CVE
added 2020/08/18 7:0 a.m. · 2 views

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE

...

9.8 CVSS · 7 AI score · 0.7629 EPSS
Exploits 2
CNVD
added 2020/08/11 12:0 a.m. · 66 views

Apache HTTP Server Buffer Overflow Vulnerability

Apache HTTP Server is an open source web server from the Apache Software Foundation (United States). The server is fast, reliable and can be extended through a simple API. A buffer overflow vulnerability exists in mod_uwsgi in Apache HTTP Server versions 2.4.32 through 2.4.44. An...

9.8 CVSS · 8.9 AI score · 0.7629 EPSS
Exploits 2 · References 1
OpenVAS
added 2020/08/10 12:0 a.m. · 41 views

Apache HTTP Server 2.4.20 < 2.4.44 Multiple Vulnerabilities - Linux

Apache HTTP Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:http_server"; if...

7.5 CVSS · 8.9 AI score · 0.76276 EPSS
Exploits 2 · References 1
OpenVAS
added 2020/08/10 12:0 a.m. · 28 views

Apache HTTP Server 2.4.32 < 2.4.44 mod_proxy_uwsgi Buffer Overflow Vulnerability - Linux

Apache HTTP Server is prone to a buffer overflow vulnerability in mod_proxy_uwsgi. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8 CVSS · 9.8 AI score · 0.7629 EPSS
Exploits 2 · References 1
Tenable Nessus
added 2017/08/22 12:0 a.m. · 29 views

Scientific Linux Security Update : openldap on SL7.x x86_64 (20170801)

The following packages have been upgraded to a later upstream version: openldap 2.4.44. Security Fixes : - A double-free flaw was found in the way OpenLDAP's slapd server using the MDB backend handled LDAP searches. A remote attacker with access to search the directory could potentially use this...

6.5 CVSS · 6.7 AI score · 0.2275 EPSS
Exploits 1 · References 2
OSV
added 2017/05/29 4:29 p.m. · 25 views

CVE-2017-9287

servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0...

6.5 CVSS · 6.3 AI score
Exploits 0 · References 8