MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.171-2.6.13.0.AXS4 (AXSA:2018-2753:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2753:01 advisory. A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox...

CVE-2023-1055

A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes...

The vulnerability of the implementation of the Lightweight Directory Access Protocol (LDAP) in the Cisco Secure Email and Web Manager content protection device, as well as the Cisco Email Security Appliance (ESA) email security system, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Lightweight Directory Access Protocol LDAP implementation of the Cisco Secure Email and Web Manager security device, as well as the Cisco Email Security Appliance ESA email security system, is related to the lack of proper input sanitization during requests to the externa...

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights...

PT-2022-2599 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the implementation of the Lightweight Directory Access Protocol LDAP in Microsoft Windows, specifically due to insufficient input validation. This allows a remote...

A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring resulting in denial of service.

...

DEBIAN-CVE-2020-36229

A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in denial of service...

UBUNTU-CVE-2020-25710

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23. The highest threat from this vulnerability is to system availability...

DEBIAN-CVE-2019-11187

Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided...