Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-5048

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.04913EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/03/20 9:15 a.m.7 views

unboundid-ldapsdk: Incorrect Access Control vulnerability in process function in SimpleBindRequest class

UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty...

9.8CVSS5.7AI score0.04913EPSS
Exploits0References5
OSV
OSV
added 2022/05/13 1:48 a.m.3 views

GHSA-QWQ9-8RPF-8MP7 Weak Password Requirements in UnboundID LDAP SDK

UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty...

9.8CVSS7AI score0.04913EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2022/05/13 1:48 a.m.4 views

br.com.uiltonsites:servlet-framework (=3.0.0), com.a9ski:ldap-um (=1.0.0) +496 more potentially affected by CVE-2018-1000134 via com.unboundid:unboundid-ldapsdk (>=1.1.3 <=4.0.4)

com.unboundid:unboundid-ldapsdk MAVEN version =1.1.3, =5.0.7.3, =1.0.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.1.0, =1.1.0, =3.1.2, =1.31.2, =1.25.0, =1.36.1 and more Source cves: CVE-2018-1000134 Source advisory: OSV:GHSA-QWQ9-8RPF-8MP7...

9.8CVSS7.1AI score0.04913EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2022/05/13 1:48 a.m.25 views

Weak Password Requirements in UnboundID LDAP SDK

UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty...

9.8CVSS2.2AI score0.04913EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.26 views

Fedora 28 : unboundid-ldapsdk (2018-e8635ed222)

Rebase packages to version: 4.0.5 CVE-2018-1000134 has been fixed in 4.0.5 release of the UnboundID LDAP SDK for Java. A blog post has been written covering the details of this CVE and is available at https://nawilson.com/2018/03/19/cve-2018-1000134-and-the-unboundid-lda p-sdk-for-java/ Further...

9.8CVSS7.6AI score0.04913EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/05/25 12:0 a.m.27 views

RHEL 7 : Virtualization (RHSA-2018:1713)

An update for unboundid-ldapsdk is now available for Red Hat Virtualization Engine 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.8AI score0.04913EPSS
Exploits0References3
Fedora
Fedora
added 2018/03/30 1:36 p.m.76 views

[SECURITY] Fedora 28 Update: unboundid-ldapsdk-4.0.5-1.fc28

The UnboundID LDAP SDK for Java is a fast, powerful, user-friendly, and completely free Java library for communicating with LDAP directory servers and performing related tasks like reading and writing LDIF, encoding and decoding data using base64 and ASN.1 BER, and performing secure communicati o...

9.8CVSS3.6AI score0.04913EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/03/30 12:0 a.m.31 views

Fedora 26 : unboundid-ldapsdk (2018-c188d3f09a)

Rebase packages to version: 4.0.5 CVE-2018-1000134 has been fixed in 4.0.5 release of the UnboundID LDAP SDK for Java. A blog post has been written covering the details of this CVE and is available at https://nawilson.com/2018/03/19/cve-2018-1000134-and-the-unboundid-lda p-sdk-for-java/ Further...

9.8CVSS7.6AI score0.04913EPSS
Exploits0References2
Fedora
Fedora
added 2018/03/29 4:21 p.m.44 views

[SECURITY] Fedora 27 Update: unboundid-ldapsdk-4.0.5-1.fc27

The UnboundID LDAP SDK for Java is a fast, powerful, user-friendly, and completely free Java library for communicating with LDAP directory servers and performing related tasks like reading and writing LDIF, encoding and decoding data using base64 and ASN.1 BER, and performing secure communicati o...

9.8CVSS3.6AI score0.04913EPSS
Exploits0
Fedora
Fedora
added 2018/03/29 3:53 p.m.46 views

[SECURITY] Fedora 26 Update: unboundid-ldapsdk-4.0.5-1.fc26

The UnboundID LDAP SDK for Java is a fast, powerful, user-friendly, and completely free Java library for communicating with LDAP directory servers and performing related tasks like reading and writing LDIF, encoding and decoding data using base64 and ASN.1 BER, and performing secure communicati o...

9.8CVSS3.6AI score0.04913EPSS
Exploits0
CNVD
CNVD
added 2018/03/20 12:0 a.m.4 views

UnboundID LDAP SDK Authentication Bypass Vulnerability

UnboundID LDAP SDK is a software development kit for LDAP directory servers that communicate with Java. An authentication bypass vulnerability exists in the SimpleBindRequest handler function in the UnboundID LDAP SDK commit. An attacker can exploit this vulnerability by providing a valid usernam...

9.8CVSS7.2AI score0.04913EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/03/16 8:18 p.m.37 views

CVE-2018-1000134

UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty...

9.8CVSS2.3AI score0.04913EPSS
Exploits0References2
NVD
NVD
added 2018/03/16 2:29 p.m.23 views

CVE-2018-1000134

UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty...

9.8CVSS9.7AI score0.04913EPSS
Exploits0References3
OSV
OSV
added 2018/03/16 2:29 p.m.32 views

CVE-2018-1000134

UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty...

9.8CVSS9.8AI score
Exploits0References3
Prion
Prion
added 2018/03/16 2:29 p.m.30 views

Improper access control

UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty...

7.5CVSS9.5AI score0.04913EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/03/16 2:4 p.m.49 views

CVE-2018-1000134

UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty...

9.6AI score0.04913EPSS
Exploits0References3
CVE
CVE
added 2018/03/16 2:4 p.m.106 views

CVE-2018-1000134

CVE-2018-1000134 affects the UnboundID LDAP SDK for Java. The issue is an Incorrect Access Control in the SimpleBindRequest.process function that does not check for an empty password in synchronous mode, potentially allowing authentication bypass by a valid username with an empty password. The vu...

9.8CVSS9.4AI score0.04913EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder