
2399 matches found

Tenable Nessus
added 2023/03/28 12:0 a.m. | 29 views

CBL Mariner 2.0 Security Update: openldap (CVE-2022-29155)

The version of openldap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-29155 advisory. - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the...

CVSS 9.8 | AI score 8.2 | EPSS 0.69899
Exploits: 1 | References: 2

OpenVAS
added 2023/03/08 12:0 a.m. | 23 views

Debian: Security Advisory (DLA-203-1)

The remote host is missing an update for the Debian...

CVSS 5 | AI score 9.7 | EPSS 0.11091
Exploits: 3 | References: 2

OpenVAS
added 2023/03/08 12:0 a.m. | 17 views

Debian: Security Advisory (DLA-309-1)

The remote host is missing an update for the Debian...

CVSS 5 | AI score 4.5 | EPSS 0.19984
Exploits: 1 | References: 2

ICS
added 2023/03/06 7:52 p.m. | 42 views

Hitachi Energy Gateway Station

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Gateway Station (GWS) Vulnerabilities: NULL Pointer Dereference, Infinite Loop 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause affected modules to...

CVSS 7.5 | AI score 9 | EPSS 0.02183
Exploits: 0 | References: 4

Tenable Nessus
added 2023/02/23 12:0 a.m. | 136 views

Amazon Linux 2 : openldap (ALAS-2023-1958)

The version of openldap installed on the remote host is prior to 2.4.44-23. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1958 advisory. In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend ...

CVSS 9.8 | AI score 8.2 | EPSS 0.69899
Exploits: 1 | References: 4

Tenable Nessus
added 2023/02/23 12:0 a.m. | 45 views

Amazon Linux AMI : openldap (ALAS-2023-1691)

The version of openldap installed on the remote host is prior to 2.4.40-16.32. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1691 advisory. In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backen...

CVSS 9.8 | AI score 8.2 | EPSS 0.69899
Exploits: 1 | References: 4

F5 Networks
added 2023/02/21 7:53 p.m. | 28 views

K16343: OpenLDAP vulnerabilities CVE-2015-1545 and CVE-2015-1546

Security Advisory Description CVE-2015-1545 The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request...

CVSS 5 | AI score 5.3 | EPSS 0.11091
Exploits: 1

F5 Networks
added 2023/02/21 6:48 p.m. | 39 views

K56241216: OpenLDAP vulnerabilities CVE-2020-25709 and CVE-2020-25710

Security Advisory Description CVE-2020-25709 A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability. CVE-2020-25710...

CVSS 7.5 | AI score 7.7 | EPSS 0.02858
Exploits: 0 | Affected Software: 1

F5 Networks
added 2023/02/21 6:34 p.m. | 45 views

K45243961: OpenLDAP vulnerability CVE-2020-12243

Security Advisory Description In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). CVE-2020-12243 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...

CVSS 7.5 | AI score 6.4 | EPSS 0.04423
Exploits: 1

F5 Networks
added 2023/02/21 6:30 p.m. | 39 views

K17460: OpenLDAP vulnerability CVE-2015-6908

Security Advisory Description The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. CVE-2015-6908 Impact A...

CVSS 5 | AI score 5.3 | EPSS 0.19984
Exploits: 1 | Affected Software: 1

F5 Networks
added 2023/02/21 6:30 p.m. | 36 views

K16882: OpenLDAP vulnerability CVE-2013-4449

Security Advisory Description The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the...

CVSS 4.3 | AI score 5.3 | EPSS 0.10913
Exploits: 1

Amazon
added 2023/02/17 12:12 a.m. | 32 views

Critical: openldap

Issue Overview: In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of...

CVSS 9.8 | AI score 1.1 | EPSS 0.69899
Exploits: 1

Amazon
added 2023/02/17 12:2 a.m. | 30 views

Critical: openldap

Issue Overview: In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of...

CVSS 9.8 | AI score 1.1 | EPSS 0.69899
Exploits: 1

SUSE CVE
added 2023/02/15 6:18 a.m. | 4 views

SUSE CVE-2005-2069

pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password...

CVSS 5 | AI score 7 | EPSS 0.02752
Exploits: 0 | References: 6

SUSE CVE
added 2023/02/15 6:15 a.m. | 3 views

SUSE CVE-2006-1470

OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error...

CVSS 5 | AI score 6.6 | EPSS 0.08042
Exploits: 1 | References: 3

SUSE CVE
added 2023/02/15 6:14 a.m. | 2 views

SUSE CVE-2006-4600

slapd in OpenLDAP before 2.3.25 allows remote authenticated users with selfwrite Access Control List (ACL) privileges to modify arbitrary Distinguished Names (DN)...

CVSS 2.3 | AI score 7 | EPSS 0.02658
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 6:13 a.m. | 2 views

SUSE CVE-2006-5779

OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure...

CVSS 7.5 | AI score 6.8 | EPSS 0.75373
Exploits: 1 | References: 4

SUSE CVE
added 2023/02/15 6:10 a.m. | 3 views

SUSE CVE-2007-5708

slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers to cause a denial of service (segmentation fault) v...

CVSS 7.1 | AI score 6.8 | EPSS 0.02618
Exploits: 0 | References: 4

SUSE CVE
added 2023/02/15 6:10 a.m. | 4 views

SUSE CVE-2007-5707

OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent...

CVSS 7.1 | AI score 6.9 | EPSS 0.03653
Exploits: 0 | References: 4

SUSE CVE
added 2023/02/15 6:9 a.m. | 2 views

SUSE CVE-2007-6698

The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerability...

CVSS 4 | AI score 6.8 | EPSS 0.02044
Exploits: 3 | References: 4