CVE-2022-2850

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...

CVE-2022-2850

Summary: CVE-2022-2850 affects 389-ds-base where the Content Synchronization plugin, when enabled, allows an authenticated user to trigger a NULL pointer dereference and cause a denial of service. This entry is tied to an incomplete fix for CVE-2021-3514. What’s affected (from connected docs): 38...

CVE-2022-2850

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...

CVE-2022-2850

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...

PT-2022-5596 · Microsoft · Windows Point-To-Point Tunneling Protocol +1

Name of the Vulnerable Software and Affected Versions: Windows Point-to-Point Tunneling Protocol affected versions not specified Description: The issue is related to the implementation of the Point-to-Point Tunneling Protocol PPTP in Windows operating systems, specifically concerning...

PT-2022-5428 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the Windows Storage Services. Exploitation of this issue may allow an attacker to gain unauthorized access and...

IBM Navigator Mobile 安全漏洞

IBM Navigator Mobile is an application from International Business Machines IBM, Inc. Used with a local IBM P8 repository, it extends synchronization capabilities to business content in services that offer a full range of collaboration options. A security vulnerability exists in IBM Navigator...

PT-2022-5405 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource in the implementation of the Point-to-Point Tunneling Protocol PPTP in Microsoft Windows. This can be exploite...

PT-2022-5368 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource in the implementation of the Point-to-Point Tunneling Protocol PPTP in Microsoft Windows. This can allow a...

PT-2022-5302 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the implementation of the Point-to-Point Tunneling Protocol PPTP in Windows. This allows a remote attacker to...

Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2022-2437)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : 389-ds-base (EulerOS-SA-2022-2437)

According to the versions of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer...

The vulnerability of Microsoft Edge browser on Windows operating systems, related to synchronization errors when using a shared resource, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge browser on Windows operating systems is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...

PT-2022-4901 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to synchronization errors when using a shared resource in Microsoft Edge, allowing a remote attacker to conduct spoofing attacks. Recommendations:...

The vulnerability of the kernel of microprogramming software in Qualcomm’s embedded chips allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of microprogramming software in embedded Qualcomm chips is related to synchronization errors when using common resources. Exploiting this vulnerability can allow attackers to cause service failures or execute arbitrary code...

The vulnerability of the Display component in Qualcomm’s embedded software allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the Display component in Qualcomm’s embedded software lies in synchronization errors when using shared resources. Exploiting this vulnerability can allow attackers to cause system failures or execute arbitrary code...

Bifrost Licensing Issue Vulnerability

Bifrost is a middleware package that synchronizes MySQL MariaDB binary log data to other types of databases.Bifrost 1.8.6-release and earlier versions are vulnerable to authorization issues, which stem from its vulnerability to authentication bypass when using HTTP basic authentication, which can...

PT-2022-5375 · Apache +2 · Apache Tomcat +2

Name of the Vulnerable Software and Affected Versions: Apache Tomcat affected versions not specified Pandora FMS version 7.65 Description: The issue concerns errors in synchronization when using a shared resource in Apache Tomcat, potentially allowing a remote attacker to gain unauthorized access...

CVE-2022-39219 Bifrost users using basic authntication can bypass write permission limit

Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases. Versions 1.8.6-release and prior are vulnerable to authentication bypass when using HTTP basic authentication. This may allow group members who only have read permissions to write requests...

CVE-2021-39190

The SCCM plugin for GLPI is a plugin to synchronize computers from SCCM version 1802 to GLPI. In versions prior to 2.3.0, the Configuration page is publicly accessible in read-only mode. This issue is patched in version 2.3.0. No known workarounds exist...