Lucene search
+L

169 matches found

Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.3 views

PT-2025-15528 · Microsoft · Windows Ldap +1

Name of the Vulnerable Software and Affected Versions: Windows LDAP affected versions not specified Description: The issue concerns uncontrolled resource consumption in Windows LDAP, allowing an unauthorized attacker to deny service over a network. This can lead to a denial-of-service attack...

7.8CVSS8.2AI score0.02285EPSS
Exploits0References10
NCSC
NCSC
added 2025/03/19 3:3 p.m.9 views

Vulnerability fixed in Synology DiskStation Manager

Synology has fixed a vulnerability in Synology DiskStation Manager DSM. The vulnerability is located in the LDAP functionality of Synology DiskStation Manager. This vulnerability can be exploited by man-in-the-middle attackers, allowing unauthorized interception of administrator authentication...

7.5CVSS6.8AI score0.00237EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/05 3:59 p.m.48 views

CVE-2025-27497 OpenDJ Denial of Service (Dos) using alias loop

OpenDJ is an LDAPv3 compliant directory service. OpenDJ prior to 4.9.3 contains a denial-of-service DoS vulnerability that causes the server to become unresponsive to all LDAP requests without crashing or restarting. This issue occurs when an alias loop exists in the LDAP database. If an ldapsear...

8.7CVSS0.0036EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/03/03 7:56 p.m.17 views

MinIO allows an SFTP authentication bypass due to improperly trusted SSH key

Summary A bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. Details On a MinIO server with SFTP access configured and using LDAP as an external identity provider, MinIO supports SSH key based authentication fo...

8.2CVSS7.3AI score0.00512EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/03/03 7:56 p.m.80 views

GHSA-WC79-7X8X-2P58 MinIO allows an SFTP authentication bypass due to improperly trusted SSH key

Summary A bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. Details On a MinIO server with SFTP access configured and using LDAP as an external identity provider, MinIO supports SSH key based authentication fo...

6.3CVSS7.6AI score0.00512EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/02/28 9:6 p.m.48 views

CVE-2025-27414 MinIO SFTP authentication bypass due to improperly trusted SSH key

MinIO is a high performance object storage. Starting in RELEASE.2024-06-06T09-36-42Z and prior to RELEASE.2025-02-28T09-55-16Z, a bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. On a MinIO server with SFTP...

8.2CVSS0.00512EPSS
Exploits0References3
Rapid7 Blog
Rapid7 Blog
added 2025/02/14 2:0 p.m.27 views

Xerox Versalink C7025 Multifunction Printer: Pass-Back Attack Vulnerabilities (FIXED)

During security testing, Rapid7 discovered that Xerox Versalink C7025 Multifunction printers MFPs were vulnerable to pass-back attacks. The affected products identified were: Xerox Versalink MFPs Firmware Version: 57.69.91 and earlier This issue has been assigned the following CVEs: CVE-2024-1251...

7.6CVSS8.2AI score0.00923EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/02/11 5:58 p.m.51 views

CVE-2025-21376 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

...

8.1CVSS8.3AI score0.08932EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.4 views

PT-2025-6319 · Microsoft · Windows Ldap +1

Name of the Vulnerable Software and Affected Versions: Windows Lightweight Directory Access Protocol LDAP affected versions not specified Description: The issue is related to the implementation of the Lightweight Directory Access Protocol LDAP in Windows, caused by synchronization errors when usi...

8.1CVSS8.6AI score0.08932EPSS
Exploits0References24
RedhatCVE
RedhatCVE
added 2025/02/05 9:11 a.m.7 views

CVE-2024-56841

A vulnerability has been identified in Mendix LDAP All versions V1.1.2. Affected versions of the module are vulnerable to LDAP injection. This could allow an unauthenticated remote attacker to bypass username verification...

9.1CVSS7.3AI score0.00489EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/14 10:30 a.m.17 views

CVE-2024-56841

A vulnerability has been identified in Mendix LDAP All versions V1.1.2. Affected versions of the module are vulnerable to LDAP injection. This could allow an unauthenticated remote attacker to bypass username verification...

9.1CVSS0.00489EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/14 10:30 a.m.5 views

CVE-2024-56841

A vulnerability has been identified in Mendix LDAP All versions V1.1.2. Affected versions of the module are vulnerable to LDAP injection. This could allow an unauthenticated remote attacker to bypass username verification...

9.1CVSS7.4AI score0.00489EPSS
Exploits0References1
Information Security Automation
Information Security Automation
added 2025/01/08 1:58 a.m.23 views

About Remote Code Execution – Windows Lightweight Directory Access Protocol (LDAP) (CVE-2024-49112)

About Remote Code Execution - Windows Lightweight Directory Access Protocol LDAP CVE-2024-49112. The vulnerability is from the December Microsoft Patch Tuesday. Three weeks later, on January 1, researchers from SafeBreach released a write-up on this vulnerability, labeled as LDAPNightmare , and a...

9.8CVSS7.8AI score0.70906EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/01/08 1:56 a.m.250 views

Exploit for Integer Overflow or Wraparound in Microsoft

CVE-2024-49112-PoC CVE-2024-49112 LDAP RCE PoC and Metasploit...

9.8CVSS10AI score0.70906EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/01/02 2:2 p.m.177 views

Exploit for Integer Overflow or Wraparound in Microsoft

PoC exploit for CVE-2024-49112 is uncertain. It is an offensive...

9.8CVSS9.8AI score0.70906EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/01/01 3:48 p.m.120 views

Exploit for Integer Overflow or Wraparound in Microsoft

PoC exploit for CVE-2024-49113, a Windows Server vulnerability...

9.8CVSS9.4AI score0.82992EPSS
Exploits8
Circl
Circl
added 2024/12/17 6:41 a.m.4 views

CISCO-SA-20190306-NXOSLDAP

creationtimestamp| type| source ---|---|--- 2024-12-17 06:41:52+00:00| seen| https://social.circl.lu/users/vulnerabilitylookup/statuses/113666794632028669...

7.2AI score
Exploits0References1
CVE
CVE
added 2024/12/10 5:49 p.m.113 views

CVE-2024-49127

CVE-2024-49127 is a Windows LDAP Remote Code Execution vulnerability in the LDAP component of Domain Controllers. The CVSS shows high impact (C/H, I/H, A/H) with network access required and no user interaction. The exploitation path involves an attacker obtaining network access to the DC and issu...

8.1CVSS8.2AI score0.01273EPSS
Exploits0References1Affected Software15
CVE
CVE
added 2024/12/10 5:49 p.m.96 views

CVE-2024-49121

CVE-2024-49121 is an LDAP Denial-of-Service vulnerability in Windows LDAP (Domain Controller). The connected advisory confirms the LDAP issue as a DoS risk and notes that Microsoft has released fixes via updates; applying the relevant Windows security updates is the recommended remediation. MITRE...

7.5CVSS7.5AI score0.02322EPSS
Exploits0References1Affected Software15
Microsoft CVE
Microsoft CVE
added 2024/12/10 8:0 a.m.82 views

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

...

9.8CVSS7AI score0.70906EPSS
Exploits3
Rows per page
Query Builder