2 matches found
CVE-2026-9064
A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...
CVE-2009-1196
The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service cupsd daemon outage or crash via manipulations of the timing of CUPS browse packets, related to a "pointer use-after-delete flaw."...