CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

43 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в 389-ds-base

The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying userPassword using malformed input...

5.7CVSS6.8AI score0.00076EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-49545

Malicious code in bioql PyPI...

5.7CVSS6.4AI score0.00076EPSS

Exploits0References3

Tenable Nessus•added 2025/06/16 12:0 a.m.•3 views

TencentOS Server 2: 389-ds-base (TSSA-2024:0155)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0155 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

7.5CVSS6.5AI score0.00549EPSS

Exploits0References3

Tenable Nessus•added 2025/03/27 12:0 a.m.•16 views

Amazon Linux 2 : 389-ds-base (ALAS-2025-2798)

The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2798 advisory. A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user...

7.5CVSS6.5AI score0.00549EPSS

Exploits0References10

Tenable Nessus•added 2025/03/05 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2024-2199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying...

5.7CVSS6.6AI score0.0009EPSS

Exploits0References2

OSV•added 2025/02/21 1:35 p.m.•3 views

OESA-2025-1145 three-eight-nine-ds-base security update

389-ds-base is an LDAPv3 compliant server which includes the LDAP server and command line utilities for server administration. Security Fixes: The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server...

5.7CVSS6.9AI score0.00076EPSS

Exploits0References2

Tenable Nessus•added 2025/02/18 12:0 a.m.•9 views

RHEL 8 : redhat-ds:11 (RHSA-2025:1632)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:1632 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol...

7.5CVSS6.7AI score0.00549EPSS

Exploits0References10

Tenable Nessus•added 2024/11/14 12:0 a.m.•14 views

Fedora 41 : 389-ds-base (2024-48c0a7fa73)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-48c0a7fa73 advisory. Automatic update for 389-ds-base-3.1.1-1.fc41. Changelog Tue Jul 30 2024 Viktor Ashirov - 3.1.1-1 - Update to 3.1.1 - Resolves: CVE-2024-1062...

7.5CVSS6.6AI score0.00549EPSS

Exploits0References5

OpenVAS•added 2024/11/01 12:0 a.m.•19 views

openSUSE: Security Advisory for 389 (SUSE-SU-2024:3843-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.00549EPSS

Exploits0References2

OpenVAS•added 2024/11/01 12:0 a.m.•17 views

openSUSE: Security Advisory for 389 (SUSE-SU-2024:3844-1)

7.5CVSS7AI score0.00549EPSS

Exploits0References2

OSV•added 2024/10/31 8:50 a.m.•17 views

SUSE-SU-2024:3843-1 Security update for 389-ds

This update for 389-ds fixes the following issues: - Persist extracted key path for ldapsslclientinit over repeat invocations bsc1230852 - Re-enable use of .dsrc basedn for dsidm commands bsc1231462 - Update to version 2.2.10git18.20ce9289: RFE: Use previously extracted key path Update dsidm to...

7.5CVSS7.2AI score0.00549EPSS

Exploits0References6

RedHat Linux•added 2024/10/01 12:54 a.m.•3 views

389-ds-base: server crash while modifying `userPassword` using malformed input (Incomplete fix for CVE-2024-2199)

5.7CVSS5.8AI score0.0009EPSS

Exploits0References4

OSV•added 2024/09/16 12:39 p.m.•13 views

SUSE-SU-2024:3257-1 Security update for 389-ds

This update for 389-ds fixes the following issues: - Update to version 1.4.4.20git3.e7ac6d87: - CVE-2024-3657: DOS via via specially crafted kerberos AS-REQ request. bsc1225512 - CVE-2024-5953: Malformed userPassword hashes may cause a denial of service. bsc1226277 - CVE-2024-2199: Malformed...

7.5CVSS6.7AI score0.00549EPSS

Exploits0References7

Tenable Nessus•added 2024/09/13 12:0 a.m.•26 views

SUSE SLES15 Security Update : 389-ds (SUSE-SU-2024:3218-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3218-1 advisory. - Update to version 2.0.20 - CVE-2024-3657: DOS via via specially crafted kerberos AS-REQ request. bsc1225512 - CVE-2024-5953:...

7.5CVSS6.6AI score0.00549EPSS

Exploits0References13

OpenVAS•added 2024/09/13 12:0 a.m.•18 views

openSUSE: Security Advisory for 389 (SUSE-SU-2024:3218-1)

7.5CVSS7AI score0.00549EPSS

Exploits0References2

OSV•added 2024/09/05 3:15 p.m.•1 views

UBUNTU-CVE-2024-8445

5.7CVSS6.8AI score0.00076EPSS

Exploits0References4

CVE•added 2024/09/05 2:24 p.m.•66 views

CVE-2024-8445

389-ds-base LDAP server has a denial of service risk where an authenticated user could crash the server while modifying userPassword with malformed input. This is an incomplete fix for CVE-2024-2199 (CVE-2024-8445) per multiple advisories (Red Hat, Debian LTS, Debian CVE tracker, AWS ALAS). Conne...

5.7CVSS6.2AI score0.00076EPSS

Exploits0References4