Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

Oracle Linux 8 : 389-ds:1.4 (ELSA-2026-26459)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-26459 advisory. - Resolves: RHEL-178076 - CVE-2026-9064 389-ds:1.4/389-ds-base: unbounded LDAP controls count in getldapmessagecontrolsext causes CPU and heap amplification...

7.5CVSS6.4AI score0.01038EPSS
Exploits0References2
OSV
OSV
added 2026/05/20 10:16 a.m.5 views

UBUNTU-CVE-2026-9064

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

7.5CVSS5.8AI score0.00815EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/15 11:15 p.m.8 views

CVE-2026-40193

maddy is a composable, all-in-one mail server. Versions prior to 0.9.3 contain an LDAP injection vulnerability in the auth.ldap module where user-supplied usernames are interpolated into LDAP search filters and DN strings via strings.ReplaceAll without any LDAP filter escaping, despite the...

8.2CVSS5.9AI score0.00419EPSS
Exploits1References4Affected Software1
Snyk
Snyk
added 2025/10/27 9:30 p.m.3 views

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the updateUser function in LDAPUserImporterImpl.java. A user can read user email addresses in log files. Remediation Upgrade com.liferay:com.liferay.portal.security.ldap.impl to versi...

4.6CVSS6.8AI score0.00131EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2001-0048

Malware in sbrugna...

7.2CVSS6.4AI score0.02007EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-31084

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 There are...

9CVSS7.5AI score0.02346EPSS
Exploits1References2
Amazon
Amazon
added 2025/08/19 12:0 a.m.5 views

Medium: 389-ds-base

Issue Overview: A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a faile...

4.9CVSS6.7AI score0.00553EPSS
Exploits0
CNNVD
CNNVD
added 2024/09/12 12:0 a.m.4 views

OpenText eDirectory 安全漏洞

OpenText eDirectory is an identity management infrastructure platform that combines identity management architecture and directory services technology from OpenText Canada. The platform provides authentication policies, data backup and recovery services, and data disaster recovery. A security...

7.6CVSS8.8AI score0.00369EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/14 12:0 a.m.3 views

IBM Security Directory Server Path Traversal Vulnerability

IBM Security Directory Server is a suite of enterprise identity management software from International Business Machines IBM that uses the Lightweight Directory Access Protocol LDAP. The software provides a trusted identity data infrastructure for authentication. A security vulnerability exists i...

7.5CVSS6.7AI score0.01172EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/05/18 12:0 a.m.5 views

The vulnerability of the LDAP service protocol implementation in Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the LDAP service protocol implementation in Microsoft Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by transmitting specially crafted data...

9CVSS8.1AI score0.02658EPSS
Exploits0References4
CNVD
CNVD
added 2016/10/20 12:0 a.m.4 views

Unspecified Vulnerability in Oracle PeopleSoft Enterprise PeopleTools 'LDAP' Subware

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle Corporation, and PeopleSoft Enterprise PeopleTools is one of the tools and technology components that transforms the way organizations manage, use, and maintain their PeopleSoft software. PeopleSoft...

7.6CVSS6.7AI score0.01362EPSS
Exploits0References1
Rows per page
Query Builder