GHSA-C3FC-8QFF-9HWX Bouncy Castle has an LDAP injection

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all prov modules. This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.84...

DEBIAN-CVE-2026-0636

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all prov modules. This vulnerability is associated with program files LDAPStoreHelper. This issue affects BC-JAVA: from 1.74 before 1.80.2, from...

CVE-2019-25660

LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feature by pasting 6000 bytes of data into the Message text field to trigger a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2023-32323

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. A malicious user on a Synapse homeserver X with permission to...

CVE-2020-36829

CVE-2020-36829 affects the Mojolicious Perl module prior to 8.65, with the secure_compare timing attack enabling an attacker to infer the length of a secret string (only versions after 1.74 are affected). Connected advisories confirm affected software and fixes: Debian LTS advisory DLA-3846-1 sta...

CVE-2020-36829

The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only versions after 1.74 are affected...

PT-2023-4874

Name of the Vulnerable Software and Affected Versions Bouncy Castle For Java versions prior to 1.74 Description The issue is related to an LDAP injection vulnerability in Bouncy Castle For Java. It affects applications that use an LDAP CertStore to validate X.509 certificates. During certificate...

SUSE CVE-2023-33201

Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject...

Code injection

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. A malicious user on a Synapse homeserver X with permission to create certain state events can disable outbound federation from X to an arbitrary homeserver Y. Synapse instances with federation disable...

UBUNTU-CVE-2023-32323

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. A malicious user on a Synapse homeserver X with permission to create certain state events can disable outbound federation from X to an arbitrary homeserver Y. Synapse instances with federation disable...

PT-2021-14712 · Jenkins · Jenkins Generic Webhook Trigger Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Generic Webhook Trigger Plugin versions 1.72 and earlier Description: The issue allows attackers to have Jenkins parse a crafted XML request body that uses external entities for extraction of secrets from the Jenkins controller or...