7 matches found
CVE-2026-44671 ZITADEL: LDAP Filter Injection in Login Flow
ZITADEL is an open source identity management platform. From 2.71.11 to before 3.4.10 and 4.15.0, a vulnerability was discovered in Zitadel's LDAP identity provider implementation, which fails to properly escape user-provided usernames before incorporating them into LDAP search filters. This allo...
CVE-2022-47425
Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ARMember: from n/a through 3.4.10...
PT-2025-5439 · Ukrsolution · Ukrsolution Print Barcode Labels
Name of the Vulnerable Software and Affected Versions: UkrSolution Print Barcode Labels for your WooCommerce products/orders versions 3.4.10 and earlier. Description: The issue is related to a Missing Authorization vulnerability in the UkrSolution Print Barcode Labels for WooCommerce...
SUSE CVE-2021-4186
Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file...
CVE-2020-15136
In etcd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints...
CVE-2020-15115
etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords with little computational effort...
etcd Access Restriction Bypass Vulnerability
etcd is a key-value storage system for distributed systems written in the Go language. A security vulnerability exists in etcd versions prior to 3.3.23 and 3.4.10, which stems from the program failing to perform any privilege checks. An attacker could exploit this vulnerability to bypass access...