Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

Astra Linux - уязвимость в samba

A flaw was discovered in Samba. Users of Samba AD can cause the server to access uninitialized data through an LDAP add or modify request, typically resulting in a segmentation fault...

Wireshark 1.8.x < 1.8.10 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 1.8.10. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-1.8.10 advisory. - Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before...

K000160292: Curl vulnerability CVE-2025-14524

Security Advisory Description When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host. CVE-2025-14524 Impact The...

CVE-2025-14524

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...

ALPINE-CVE-2025-14524

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...

CVE-2025-14524 bearer token leak on cross-protocol redirect

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...

EUVD-2019-4325

Malware in sbrugna...

CVE-2025-58045 Dataease server-side request forgery via unfiltered DB2 JDBC ldap parameter

Dataease is an open source data analytics and visualization platform. In Dataease versions up to 2.10.12, the patch introduced to mitigate DB2 JDBC deserialization remote code execution attacks only blacklisted the rmi parameter. The ldap parameter in the DB2 JDBC connection string was not...

ROS-20250905-07

A vulnerability in the user locking mechanism of the Vault Enterprise and Vault Community Edition enterprise data archiving platforms is due to the application not performing the correct normalization of the application. Enterprise and Vault Community Edition is related to the fact that the...

CVE-2019-12736

JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection...

The vulnerability in the implementation of the LDAP service protocol for Microsoft Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the LDAP Lightweight Directory Access Protocol implementation in Microsoft Windows operating systems is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVE-2025-21376

Windows Lightweight Directory Access Protocol LDAP Remote Code Execution Vulnerability...

CVE-2024-49124 Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability

...

Moderate: Red Hat Security Advisory: redhat-ds:11 security and bug fix update

An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.9 for RHEL 8.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

The vulnerability of the LDAP protocol implementation in Mastodon’s web application for deploying distributed social networks allows a hacker to bypass the authentication process.

The vulnerability of the LDAP protocol implementation in Mastodon’s web application for deploying distributed social networks is related to the lack of a mechanism for verifying the source of data. Exploiting this vulnerability allows a malicious actor to bypass the authentication process...

SUSE CVE-2008-1562

The LDAP dissector in Wireshark formerly Ethereal 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service application crash via a malformed packet, a different vulnerability than CVE-2006-5740...

SUSE CVE-2022-42915

curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTPS URL, it sets up the connection to the remote server by issuing a CONNECT request to the proxy, and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request HTTP...

The vulnerability in the implementation of the LDAP Lightweight Directory Access Protocol on the Windows operating system allows a perpetrator to execute arbitrary code.

The vulnerability of the LDAP Lightweight Directory Access Protocol implementation in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Cisco multiple product licensing issues vulnerabilities

Cisco Email Security Appliance ESA and Cisco Secure Email are both products of Cisco USA. cisco Email Security Appliance is an email security appliance. cisco Secure Email is a Cisco Secure Email formerly Email Security provides the best protection for your email from cyber threats.An authorizati...