Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

CVE
CVEadded 2 days ago9 views

CVE-2026-11790

The CVE-2026-11790 entry describes a vulnerability in 389 Directory Server’s PBKDF2-SHA256 password storage plugin where there is no upper bound on the iteration count extracted from stored password hashes. A privileged attacker who can modify a user’s password hash can trigger excessive CPU usag...

4.9CVSS5.4AI score0.00073EPSS
Exploits0References3
EUVD
EUVDadded 2 days ago5 views

EUVD-2026-35420

A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...

5.9CVSS5.5AI score0.00088EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2 days ago4 views

CVE-2026-11788

A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...

5.9CVSS5.5AI score0.00088EPSS
Exploits0
Debian CVE
Debian CVEadded 2 days ago4 views

CVE-2026-11787

A flaw was found in 389 Directory Server. The ldaputf8prev function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior...

5CVSS5.7AI score0.00042EPSS
Exploits0
EUVD
EUVDadded 2 days ago5 views

EUVD-2026-35417

A flaw was found in 389 Directory Server. The LDIF parser reads past the end of a heap buffer when processing attribute types with trailing semicolons during database import, causing an out-of-bounds read detectable under memory instrumentation...

1.9CVSS5.6AI score0.0001EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2 days ago6 views

PT-2026-47777

A flaw was found in 389 Directory Server. The ldap utf8prev function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior...

5CVSS5.7AI score0.00042EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-47979

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.01064EPSS
Exploits0References5
OSV
OSVadded 2022/04/18 5:15 p.m.1 views

DEBIAN-CVE-2021-3652

A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then instead of being inactive, any password will successfully match during authentication. This flaw allows an attacker to successfully authenticate as a user whose password was...

6.5CVSS6.6AI score0.00118EPSS
Exploits0References1
OSV
OSVadded 2018/09/28 1:29 p.m.1 views

DEBIAN-CVE-2018-14648

A flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the dosearch function. An unauthenticated attacker could use this flaw to provoke a denial of service...

7.5CVSS7.4AI score0.07503EPSS
Exploits0References1
OSV
OSVadded 2018/08/22 2:29 p.m.1 views

DEBIAN-CVE-2018-1140

A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. An attacker could use this flaw to cause a denial of service against a samba server, used as a Active Directory Domain Controller. All versions of Samba from 4.8.0 onwards are vulnerable...

6.5CVSS8.7AI score0.14432EPSS
Exploits0References1
Rows per page
Query Builder