12 matches found
[SECURITY] [DSA 6324-1] request-tracker5 security update
Debian Security Advisory DSA-6324-1, https://www.debian.org/security/, Salvatore Bonaccorso, June 06, 2026, https://www.debian.org/security/faq ...
CVE-2026-41076
RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.9 and prior in addition to 6.0.0 through 6.0.2 contain an authentication bypass vulnerability in RT installations that use LDAP/AD for user authentication. Under certain LDAP server configurations, an attacker m...
Security Bulletin: Due to the use of derby IBM webMethods BPM is vulnerable to unauthorized LDAP authentication
Summary: IBM webMethods BPM is using derby, which is affected by a known vulnerability, CVE-2022-46337. This security bulletin provides guidance on addressing the vulnerability. Vulnerability Details: CVEID: CVE-2022-46337. DESCRIPTION: A cleverly devised username might bypass LDAP authentication check...
Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.0.10 Images Update
New images are available for Red Hat build of Keycloak 26.0.10 and Red Hat build of Keycloak 26.0.10 Operator, running on OpenShift Container Platform. Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Ha...
CVE-2024-1525
Removed by vendor...
Gitlab -- Vulnerabilities
Gitlab reports: Stored-XSS in user's profile page; User with "admin_group_members" permission can invite other groups to gain owner access; ReDoS issue in the Codeowners reference extractor; LDAP user can reset password using secondary email and login using direct authentication; Bypassing group ip...
K11455641: NGINX LDAP Reference Implementation security exposure
Security Advisory Description: NGINX LDAP reference implementation configuration can be modified by sending crafted HTTP requests. Note: nginx-ldap-auth is not an NGINX Product. It is published as a reference implementation of LDAP and describes the mechanics of how the integration works and all ...
Authentication flaw
Under certain LDAP conditions, Cacti authentication can be bypassed with certain credential types...
Trend Micro Vulnerability Protection LDAP Authentication Bypass Vulnerability
Trend Micro Vulnerability Protection is an endpoint vulnerability protection product that provides one step faster and stronger endpoint protection. An LDAP authentication bypass vulnerability exists in Trend Micro Vulnerability Protection 2.0 SP2, which can be exploited by an attacker to bypass...
CVE-2020-15601
If LDAP authentication is enabled, an LDAP authentication bypass vulnerability in Trend Micro Deep Security 10.x-12.x could allow an unauthenticated attacker with prior knowledge of the targeted organization to bypass manager authentication. Enabling multi-factor authentication prevents this...
Apache ActiveMQ 5.x < 5.10.1 / 5.11.0 Multiple Vulnerabilities
The version of Apache ActiveMQ running on the remote host is 5.x prior to 5.10.1 / 5.11.0. It is, therefore, potentially affected by multiple vulnerabilities: - An unauthenticated, remote attacker can crash the broker listener by sending a packet to the same port that a message consumer or produ...
security flaw
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server...