Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2025/04/18 1:48 a.m.19 views

CVE-2024-53305

An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query...

7.3CVSS7.7AI score0.00465EPSS
Exploits1References1
OSV
OSV
added 2025/04/16 6:31 p.m.3 views

GHSA-2689-CW26-6CPJ Whoogle allows attackers to execute arbitrary code via supplying a crafted search query

An issue in the component /models/config.py of Whoogle search v0.9.0 allows attackers to execute arbitrary code via supplying a crafted search query...

9.3CVSS7.7AI score0.00465EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/06/16 9:7 a.m.22 views

CVE-2023-2785 Specially crafted search query can cause large log entries in postgres

Mattermost fails to properly truncate the postgres error log message of a search query failure allowing an attacker to cause the creation of large log files which can result in Denial of Service...

4.3CVSS4.8AI score0.006EPSS
Exploits0References1
OSV
OSV
added 2023/02/20 5:15 p.m.8 views

CVE-2021-32848

Octobox is software for managing GitHub notifications. Prior to pull request PR 2807, a user of the system can provide a specifically crafted search query string that will trigger a ReDoS vulnerability. This issue is fixed in PR 2807...

7.5CVSS5.8AI score0.0104EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/02/20 12:0 a.m.8 views

PT-2023-12181 · Octobox · Octobox

Name of the Vulnerable Software and Affected Versions: Octobox versions prior to pull request 2807 Description: Octobox is software for managing GitHub notifications. A user of the system can provide a specifically crafted search query string that will trigger a ReDoS vulnerability...

7.5CVSS7.4AI score0.0104EPSS
Exploits1References6
NVD
NVD
added 2019/11/05 8:15 p.m.21 views

CVE-2010-2222

The gerparsecontrol function in Red Hat Directory Server 8 and the 389 Directory Server allows attackers to cause a denial of service NULL pointer dereference via a crafted search query...

7.5CVSS7.3AI score0.01349EPSS
Exploits0References2
Prion
Prion
added 2019/11/05 8:15 p.m.17 views

Null pointer dereference

The gerparsecontrol function in Red Hat Directory Server 8 and the 389 Directory Server allows attackers to cause a denial of service NULL pointer dereference via a crafted search query...

5CVSS6.8AI score0.01349EPSS
Exploits0References2Affected Software1
Amazon
Amazon
added 2018/11/13 12:0 a.m.33 views

Medium: 389-ds-base

Issue Overview: It was found that a specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could use this flaw to provoke a denial of service.CVE-2018-14648 Affected Packages: 389-ds-base Note: This advisory is applicable to...

7.8CVSS7.8AI score0.06238EPSS
Exploits0
OSV
OSV
added 2018/09/28 1:29 p.m.3 views

UBUNTU-CVE-2018-14648

A flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could use this flaw to provoke a denial of service...

7.5CVSS7AI score0.06238EPSS
Exploits0References3
OSV
OSV
added 2018/09/28 1:29 p.m.4 views

DEBIAN-CVE-2018-14648

A flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could use this flaw to provoke a denial of service...

7.5CVSS7.4AI score0.06238EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/06/18 12:0 a.m.29 views

SUSE SLED12 / SLES12 Security Update : openldap2 (SUSE-SU-2015:1077-1)

openldap2 was updated to fix two security issues and one non-security bug. The following vulnerabilities were fixed : - A remote attacker could cause a denial of service through a NULL pointer dereference and crash via an empty attribute list in a deref control in a search request. bnc916897...

5CVSS5.7AI score0.11091EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2015/02/12 4:59 p.m.25 views

CVE-2015-1546

Double free vulnerability in the getvrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause a denial of service crash via a crafted search query with a matched values control...

5CVSS5.9AI score0.03413EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/02/12 4:0 p.m.28 views

CVE-2015-1546

Double free vulnerability in the getvrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause a denial of service crash via a crafted search query with a matched values control...

6.8AI score0.03413EPSS
Exploits0References10
Rows per page
Query Builder