
158 matches found

AstraLinux
added 2026/05/03 11:59 p.m., 6 views

Astra Linux - vulnerability in 389-ds-base

The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying userPassword using malformed input...

5.7 CVSS, 6.8 AI score, 0.0009 EPSS
Exploits: 0, References: 2
NVD
added 2026/02/09 1:16 a.m., 2 views

CVE-2026-2199

A security flaw has been discovered in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/system/system/admins/manage/users/user-delete.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated...

9.8 CVSS, 0.00037 EPSS
Exploits: 1, References: 5
ATTACKERKB
added 2026/02/09 12:32 a.m., 3 views

CVE-2026-2199

A security flaw has been discovered in code-projects Online Reviewer System 1.0. The impacted element is an unknown function of the file /reviewer/system/system/admins/manage/users/user-delete.php. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated...

7.5 CVSS, 5.5 AI score, 0.00037 EPSS
Exploits: 1, References: 5, Affected Software: 1
RedhatCVE
added 2026/01/09 10:15 a.m., 6 views

CVE-2019-2199

In createSessionInternal of PackageInstallerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-138650665...

7.2 CVSS, 7.1 AI score, 0.00011 EPSS
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:07 p.m., 1 view

EUVD-2024-49545

Malicious code in bioql PyPI...

5.7 CVSS, 6.4 AI score, 0.00076 EPSS
Exploits: 0, References: 3
Tenable Nessus
added 2025/08/20 12:00 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-8445

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash...

5.7 CVSS, 6.7 AI score, 0.0009 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2025/06/16 12:00 a.m., 3 views

TencentOS Server 2: 389-ds-base (TSSA-2024:0155)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0155 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

7.5 CVSS, 6.5 AI score, 0.00549 EPSS
Exploits: 0, References: 3
RedhatCVE
added 2025/05/21 10:41 p.m., 6 views

CVE-2002-2199

The default aide.conf file in Advanced Intrusion Detection Environment AIDE before 0.71 on FreeBSD before 2002-08-28 does not properly check subdirectories, which could allow local users to bypass detection...

4.6 CVSS, 6.7 AI score, 0.00099 EPSS
Exploits: 0, References: 1
Tenable Nessus
added 2025/05/07 12:00 a.m., 5 views

RockyLinux 9 : pmix (RLSA-2024:2199)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2199 advisory. pmix: race condition allows attackers to obtain ownership of arbitrary files CVE-2023-41915 Tenable has extracted the preceding description block directly from th...

8.1 CVSS, 7.8 AI score, 0.00952 EPSS
Exploits: 0, References: 3
Tenable Nessus
added 2025/03/27 12:00 a.m., 14 views

Amazon Linux 2 : 389-ds-base (ALAS-2025-2798)

The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2798 advisory. A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user...

7.5 CVSS, 6.5 AI score, 0.00549 EPSS
Exploits: 0, References: 10
Circl
added 2025/03/17 10:54 a.m., 3 views

CVE-2025-2199

creationtimestamp | type | source
---|---|---
2025-03-17 10:54:25+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7755
2025-03-17 11:40:11+00:00 | seen | https://bsky.app/profile/cyberalerts.bsky.social/post/3lkl324jj5422
2025-03-17 12:01:12+00:00 | seen | ...

9.3 CVSS, 5.8 AI score, 0.0013 EPSS
Exploits: 0, References: 4
NVD
added 2025/03/17 10:15 a.m., 8 views

CVE-2025-2199

SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’,...

9.3 CVSS, 0.0013 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2025/03/17 10:09 a.m., 7 views

CVE-2025-2199 SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php

SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’,...

9.3 CVSS, 7.3 AI score, 0.0013 EPSS
Exploits: 0, References: 1
Cvelist
added 2025/03/17 10:09 a.m., 9 views

CVE-2025-2199 SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php

SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php. This vulnerability allows an attacker to obtain, update and delete data from the database by injecting an SQL query in ‘searchActionsToUpdate’, ‘searchSpecialitiesPending’,...

9.3 CVSS, 0.0013 EPSS
Exploits: 0, References: 1
Tenable Nessus
added 2025/03/05 12:00 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-2199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying...

5.7 CVSS, 6.6 AI score, 0.0009 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2025/03/03 12:00 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2011-2199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option...

7.5 CVSS, 6.3 AI score, 0.02716 EPSS
Exploits: 0, References: 2
OSV
added 2025/02/21 1:35 p.m., 2 views

OESA-2025-1145 three-eight-nine-ds-base security update

389-ds-base is an LDAPv3 compliant server which includes the LDAP server and command line utilities for server administration. Security Fixes: The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server...

5.7 CVSS, 6.9 AI score, 0.00076 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2025/02/18 12:00 a.m., 9 views

RHEL 8 : redhat-ds:11 (RHSA-2025:1632)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:1632 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol...

7.5 CVSS, 6.7 AI score, 0.00549 EPSS
Exploits: 0, References: 10
Tenable Nessus
added 2024/11/14 12:00 a.m., 14 views

Fedora 41 : 389-ds-base (2024-48c0a7fa73)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-48c0a7fa73 advisory. Automatic update for 389-ds-base-3.1.1-1.fc41. Changelog Tue Jul 30 2024 Viktor Ashirov - 3.1.1-1 - Update to 3.1.1 - Resolves: CVE-2024-1062...

7.5 CVSS, 6.6 AI score, 0.00549 EPSS
Exploits: 0, References: 5
OpenVAS
added 2024/11/01 12:00 a.m., 19 views

openSUSE: Security Advisory for 389 (SUSE-SU-2024:3843-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 7 AI score, 0.00549 EPSS
Exploits: 0, References: 2