Lucene search
K

513 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.4 views

SUSE SLES15 Security Update : 389-ds (SUSE-SU-2026:2419-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2419-1 advisory. This update for 389-ds fixes the following issue Update to 2.7.0git193.9ab79d496: - CVE-2026-9064: unbounded LDAP controls count in...

7.5CVSS5.9AI score0.00815EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2026/06/19 12:1 a.m.5 views

389-ds:1.4 security update

An update is available for 389-ds-base, module.389-ds-base. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list 389 Directory Server is an LDAP version 3 LDAPv3...

7.5CVSS5.4AI score0.00815EPSS
Exploits0
NVD
NVD
added 2026/06/18 4:16 p.m.9 views

CVE-2026-11791

A flaw was found in 389 Directory Server. During schema reload, the attrsyntaxswapht function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsystem. If an administrator triggers schema reload while...

5CVSS0.0025EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 2:44 p.m.18 views

CVE-2026-11791

The CVE-2026-11791 entry concerns 389 Directory Server (389-ds-base), where during schema reload the attr_syntax_swap_ht() function unconditionally frees attribute syntax information nodes, bypassing refcount-based deferred deletion. This can lead to use-after-free or double-free when LDAP query ...

5CVSS5.2AI score0.0025EPSS
Exploits0References2Affected Software3
NVD
NVD
added 2026/06/17 3:16 p.m.8 views

CVE-2026-12528

A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI Access Control Instruction string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validate that the ACI keyword has sufficient length after...

5.4CVSS0.00226EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/17 2:27 p.m.9 views

CVE-2026-12528

A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI Access Control Instruction string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validate that the ACI keyword has sufficient length after...

5.4CVSS5.4AI score0.00226EPSS
Exploits0References4
OSV
OSV
added 2026/06/17 10:8 a.m.6 views

RHSA-2026:26460 Red Hat Security Advisory: 389-ds:1.4 security update

Bulletin has no description...

7.5CVSS4.8AI score0.00815EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/17 1:38 a.m.7 views

389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

7.5CVSS5.2AI score0.00815EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/17 12:44 a.m.7 views

Important: Red Hat Security Advisory: 389-ds:1.4 security update

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

7.5CVSS5.4AI score0.00815EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.7 views

RHEL 9 : 389-ds-base (RHSA-2026:26464)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26464 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server a...

7.5CVSS5.5AI score0.00815EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.9 views

RHEL 9 : 389-ds-base (RHSA-2026:26455)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26455 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server a...

7.5CVSS5.5AI score0.00815EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.18 views

PT-2026-50430

Name of the Vulnerable Software and Affected Versions 389 Directory Server affected versions not specified Description A flaw exists in the aclp normalize acltxt function within aclparse.c. A malformed Access Control Instruction ACI string can trigger heap-buffer-overflow writes and reads during...

5.4CVSS5.8AI score0.00226EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2026/06/12 2:32 a.m.11 views

SUSE CVE-2026-11786

A flaw was found in 389 Directory Server. The LDIF parser reads past the end of a heap buffer when processing attribute types with trailing semicolons during database import, causing an out-of-bounds read detectable under memory instrumentation...

6.5CVSS5.7AI score0.0016EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/12 2:32 a.m.10 views

SUSE CVE-2026-11787

A flaw was found in 389 Directory Server. The ldaputf8prev function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior...

6.3CVSS5.7AI score0.00177EPSS
Exploits0References3
NVD
NVD
added 2026/06/11 7:16 p.m.11 views

CVE-2026-11774

An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...

7.6CVSS0.00539EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.15 views

PT-2026-48701

Name of the Vulnerable Software and Affected Versions 389 Directory Server 389-ds-base affected versions not specified Description An integer overflow exists in the SASL I/O layer within the sasl io start packet function. When a crafted SASL packet length prefix of 0xFFFFFFFC is processed, adding...

7.6CVSS6.2AI score0.00539EPSS
Exploits0References10
OSV
OSV
added 2026/06/10 3:16 p.m.6 views

UBUNTU-CVE-2026-11884

A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...

6.5CVSS6.1AI score0.00361EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/10 2:7 p.m.8 views

CVE-2026-11884 389-ds-base: 389-ds-base: heap buffer overflow in schema objectclass serialization due to missing oc_superior in size calculation

A heap buffer overflow flaw was found in 389 Directory Server. When serializing objectclass definitions, the ocsuperior SUP field length is omitted from buffer size calculations in readschemadse and schemaoctostring, but the field is still written via strcat. An attacker with Directory Manager...

6.5CVSS5.7AI score0.00361EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 1:11 p.m.33 views

CVE-2026-11792 389-ds-base: 389-ds-base: heap buffer overflow in audit log password masking (create_masked_entry_string)

A heap buffer overflow flaw was found in 389 Directory Server. When audit logging is enabled, the createmaskedentrystring function in auditlog.c copies a fixed-length password mask into a precisely-sized heap buffer without checking available space. If a short cleartext password is logged requiri...

3.3CVSS0.00267EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/09 1:11 p.m.6 views

CVE-2026-11793 389-ds-base: 389-ds-base: stack buffer overflow in checkprefix() algorithm id parsing

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

4.9CVSS5.7AI score0.00334EPSS
Exploits0References2
Rows per page
Query Builder