Lucene search
K

2239 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11610

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. After a successful SASL bind with integrity protection SSF 0, a...

8.8CVSS6.2AI score0.01038EPSS
Exploits0References4
OSV
OSV
added 2026/07/01 2:17 a.m.3 views

DEBIAN-CVE-2026-57962

A malicious LDAP server, which a Thunderbird user is configured to query for address-book autocomplete, can stash arbitrarily large amounts of attacker-supplied data into the Thunderbird LDAP client until it crashes due to memory exhaustion. This vulnerability was fixed in Thunderbird 152.0.1 and...

5.3CVSS5.8AI score0.00203EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 12:58 a.m.22 views

CVE-2026-57962

CVE-2026-57962 affects Thunderbird’s LDAP address-book autocomplete. A malicious LDAP server can cause the Thunderbird LDAP client to stash attacker-supplied data, enabling memory exhaustion and a denial of service. Root cause is unbounded data processing by the LDAP client when queried by the Th...

5.3CVSS5.8AI score0.00203EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.7 views

RHEL 8 : redhat-ds:11 (RHSA-2026:26597)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26597 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol LDAP...

7.5CVSS6AI score0.00815EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.5 views

SUSE SLES15 Security Update : 389-ds (SUSE-SU-2026:2419-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2419-1 advisory. This update for 389-ds fixes the following issue Update to 2.7.0git193.9ab79d496: - CVE-2026-9064: unbounded LDAP controls count in...

7.5CVSS6AI score0.00815EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.7 views

RHEL 9 : redhat-ds:12 (RHSA-2026:26599)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26599 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol LDAP...

7.5CVSS6AI score0.00815EPSS
Exploits0References4
OSV
OSV
added 2026/06/19 6:4 a.m.7 views

RLSA-2026:26456 Important: 389-ds-base security, bug fix, and enhancement update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: 389-ds-base: unbounded LDAP controls count in...

7.5CVSS5.9AI score0.00815EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/06/19 6:4 a.m.8 views

389-ds-base security, bug fix, and enhancement update

An update is available for 389-ds-base. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The...

7.5CVSS5.9AI score0.00815EPSS
Exploits0
OSV
OSV
added 2026/06/19 12:1 a.m.7 views

RLSA-2026:26459 Important: 389-ds:1.4 security update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: 389-ds-base: unbounded LDAP controls count in...

7.5CVSS5.3AI score0.00815EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/06/19 12:1 a.m.8 views

389-ds:1.4 security update

An update is available for 389-ds-base, module.389-ds-base. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list 389 Directory Server is an LDAP version 3 LDAPv3...

7.5CVSS5.4AI score0.00815EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/18 4:23 p.m.8 views

Important: Red Hat Security Advisory: Red Hat Directory Server 13.2 container image update

An updated Red Hat Directory Server 13.2 container image for RHEL 10 is now available in the Red Hat container registry, including bug fixes and security patches. Red Hat Directory Server is an LDAPv3-compliant directory server. The image is maintained by Red Hat and updated regularly. To pull th...

7.5CVSS5.2AI score0.00815EPSS
Exploits0References4
NVD
NVD
added 2026/06/18 4:16 p.m.10 views

CVE-2026-11791

A flaw was found in 389 Directory Server. During schema reload, the attrsyntaxswapht function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsystem. If an administrator triggers schema reload while...

5CVSS0.00212EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/18 2:44 p.m.8 views

EUVD-2026-37902

A flaw was found in 389 Directory Server. During schema reload, the attrsyntaxswapht function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsystem. If an administrator triggers schema reload while...

5CVSS5.2AI score0.00212EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/18 2:44 p.m.35 views

CVE-2026-11791 389-ds-base: 389-ds-base: use-after-free in schema reload via attr_syntax_swap_ht()

A flaw was found in 389 Directory Server. During schema reload, the attrsyntaxswapht function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsystem. If an administrator triggers schema reload while...

5CVSS0.00212EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 2:44 p.m.22 views

CVE-2026-11791

The CVE-2026-11791 entry concerns 389 Directory Server (389-ds-base), where during schema reload the attr_syntax_swap_ht() function unconditionally frees attribute syntax information nodes, bypassing refcount-based deferred deletion. This can lead to use-after-free or double-free when LDAP query ...

5CVSS5.2AI score0.00212EPSS
Exploits0References2Affected Software3
Vulnrichment
Vulnrichment
added 2026/06/18 2:44 p.m.11 views

CVE-2026-11791 389-ds-base: 389-ds-base: use-after-free in schema reload via attr_syntax_swap_ht()

A flaw was found in 389 Directory Server. During schema reload, the attrsyntaxswapht function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsystem. If an administrator triggers schema reload while...

5CVSS5.2AI score0.00212EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

RockyLinux 9 : 389-ds-base (RLSA-2026:26455)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:26455 advisory. 389-ds-base: 389-ds-base: unbounded LDAP controls count in getldapmessagecontrolsext causes CPU and heap amplification remote DoS CVE-2026-9064 Bug Fixes and...

7.5CVSS6.1AI score0.00815EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-12528

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI Access Control Instruction string can trigger...

5.4CVSS6AI score0.00226EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.8 views

RHEL 9 : redhat-ds:12 (RHSA-2026:26639)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26639 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol LDAP...

7.5CVSS6AI score0.00815EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/17 3:46 p.m.12 views

Important: Red Hat Security Advisory: redhat-ds:12 security update

An update for the redhat-ds:12 module is now available for Red Hat Directory Server 12.2 E4S for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS5.3AI score0.00815EPSS
Exploits0References2
Rows per page
Query Builder