CVE-2025-34270 Nagios Log Server < 2024R2.0.2 AD/LDAP Import Password Not Obfuscated

Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the AD/LDAP user import functionality as it fails to obfuscate the password field during import. As a result, the plaintext password supplied for imported accounts may be exposed in the user interface, logs, or other...

Liferay Portal Vulnerable to Information Exposure Through a Log File Vulnerability in LDAP Import Feature

Information exposure through log file vulnerability in LDAP import feature in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows local users t...

CVE-2025-62262

Information exposure through log file vulnerability in LDAP import feature in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows local users t...

CVE-2025-62262

Information exposure through log file vulnerability in LDAP import feature in Liferay Portal 7.4.0 through 7.4.3.97, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows local users t...

CVE-2025-62262

CVE-2025-62262 : Information exposure in Liferay Portal/DXP via a log-file vulnerability in the LDAP import feature. Affected: Liferay Portal 7.4.0–7.4.3.97, older unsupported Portal, Liferay DXP 2023.Q3.1–2023.Q3.4, and various 7.4/7.3 lines up to specified updates. Local users can view user ema...

EUVD-2009-4336

Malware in sbrugna...

EUVD-2023-42509

Malicious code in bioql PyPI...

CVE-2021-38266

The Portal Security module in Liferay Portal 7.2.1 and earlier, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 17 and 7.2 before fix pack 5 does not correctly import users from LDAP, which allows remote attackers to prevent a legitimate user from authenticating by attempting to sign ...

Liferay Portal and Liferay DXP fails to properly import users from LDAP

Security LDAP Implementation before 2.0.16 from Liferay Portal through v7.2.1 and Liferay DXP through v7.2 does not correctly import users from LDAP, allowing remote attackers to prevent a legitimate user from authenticating by attempting to sign in as a user that exists in LDAP...

CVE-2021-38266

The Portal Security module in Liferay Portal 7.2.1 and earlier, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 17 and 7.2 before fix pack 5 does not correctly import users from LDAP, which allows remote attackers to prevent a legitimate user from authenticating by attempting to sign ...

PT-2022-10706 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.2.1 and earlier Liferay DXP versions 7.0 through 7.0 before fix pack 90 Liferay DXP versions 7.1 through 7.1 before fix pack 17 Liferay DXP versions 7.2 through 7.2 before fix pack 5 Description: The issue concerns t...

CVE-2009-4368

Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unknown impact and attack vectors in the 1 ping tool, 2 traceroute tool, and 3 ldap import, possibly related to improper authentication...

CVE-2009-4368

Multiple unspecified vulnerabilities in Centreon before 2.1.4 have unknown impact and attack vectors in the 1 ping tool, 2 traceroute tool, and 3 ldap import, possibly related to improper authentication...

CVE-2009-4368

Centreon before 2.1.4 has multiple vulnerabilities in the ping, traceroute, and LDAP import components, likely related to improper authentication. Affects Centreon installations running versions prior to 2.1.4. Remediation: upgrade to Centreon 2.1.4 or apply the vendor patch (VendorFix). No explo...