CVE-2025-27497

Summary for CVE-2025-27497 : OpenDJ (LDAPv3 directory service) prior to 4.9.3 is vulnerable to a denial-of-service caused by an alias loop in the LDAP database. When an ldapsearch request dereferences aliases with type "always" on an alias entry, the server becomes unresponsive to all LDAP reques...

CVE-2025-27497 OpenDJ Denial of Service (Dos) using alias loop

OpenDJ is an LDAPv3 compliant directory service. OpenDJ prior to 4.9.3 contains a denial-of-service DoS vulnerability that causes the server to become unresponsive to all LDAP requests without crashing or restarting. This issue occurs when an alias loop exists in the LDAP database. If an ldapsear...

CVE-2025-27497 OpenDJ Denial of Service (Dos) using alias loop

OpenDJ is an LDAPv3 compliant directory service. OpenDJ prior to 4.9.3 contains a denial-of-service DoS vulnerability that causes the server to become unresponsive to all LDAP requests without crashing or restarting. This issue occurs when an alias loop exists in the LDAP database. If an ldapsear...

OpenDJ 安全漏洞

OpenDJ is a directory service open-sourced by Open Identity Platform. A security vulnerability exists in OpenDJ versions prior to 4.9.3 that stems from an alias loop leading to a denial of service attack...

SUSE CVE-2022-49172

In the Linux kernel, the following vulnerability has been resolved: parisc: Fix non-access data TLB cache flush faults When a page is not present, we get non-access data TLB faults from the fdc and fic instructions in flushuserdcacherangeasm and flushusericacherangeasm. When these occur, the cach...

SUSE CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

SUSE CVE-2023-34058

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fixed the incorrect use of pciforeachdmaalias for non-PCI devices. Previously, the domaincontextclear function incorrectly called pciforeachdmaalias to set up context entries for non-PCI devices. This could lead to...

CVE-2024-6303

Missing authorization in Client-Server API in Conduit =0.7.0, allowing for any alias to be removed and added to another room, which can be used for privilege escalation by moving the admins alias to a room which they control, allowing them to run commands resetting passwords, siging json with the...

SUSE CVE-2025-21654

In the Linux kernel, the following vulnerability has been resolved: ovl: support encoding fid from inode with no alias Dmitry Safonov reported that a WARNON assertion can be trigered by userspace when calling inotifyshowfdinfo for an overlayfs watched inode, whose dentry aliases were discarded wi...

DEBIAN-CVE-2025-21654

In the Linux kernel, the following vulnerability has been resolved: ovl: support encoding fid from inode with no alias Dmitry Safonov reported that a WARNON assertion can be trigered by userspace when calling inotifyshowfdinfo for an overlayfs watched inode, whose dentry aliases were discarded wi...

UBUNTU-CVE-2025-21654

In the Linux kernel, the following vulnerability has been resolved: ovl: support encoding fid from inode with no alias Dmitry Safonov reported that a WARNON assertion can be trigered by userspace when calling inotifyshowfdinfo for an overlayfs watched inode, whose dentry aliases were discarded wi...

CVE-2025-21654

In the Linux kernel, the following vulnerability has been resolved: ovl: support encoding fid from inode with no alias Dmitry Safonov reported that a WARNON assertion can be trigered by userspace when calling inotifyshowfdinfo for an overlayfs watched inode, whose dentry aliases were discarded wi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ovlencodefh function failing when an alias cannot be found, resulting in the FANDELETESELF event not bei...

VulnCheck KEV: CVE-2019-18371

An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files via a misconfigured NGINX alias, as demonstrated by api-third-party/download/extdisks../etc/config/account. With this vulnerability, the attacker can...

PT-2026-21524

Name of the Vulnerable Software and Affected Versions: 389 Directory Server versions prior to 3.0.6git249.6688af9b2. Description: A heap buffer overflow vulnerability exists in the schema attr enum callback function within the schema.c file of 389 Directory Server. This occurs because the code...

Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20241209T183251 2024-12-09T18:32:51Z jscPED-11136 Go CVE Numbering Authority IDs added or updated with aliases: GO-2024-3284 GO-2024-3286 GO-2024-3287 GO-2024-3288 GO-2024-3289 GO-2024-3290 GO-2024-3291...

CVE-2024-50101

...

The vulnerability of the Intel Alias Checking Trusted Module (Intel ACTM), a microprogramming software component for Intel 4th Generation and 5th Generation processors, allows attackers to exploit it to increase their privileges.

The vulnerability of the Intel Alias Checking Trusted Module Intel ACTM, a microprogramming software component of Intel’s 4th and 5th generation processors, relates to the disclosure of information in the erroneous data area. Exploiting this vulnerability can allow attackers to enhance their...

The vulnerability of the Intel Alias Checking Trusted Module (Intel ACTM), a microprogramming software component for Intel’s 4th and 5th generation processors, allows attackers to exploit it to increase their privileges.

The vulnerability of the Intel Alias Checking Trusted Module Intel ACTM, a microprogramming software component of Intel’s 4th and 5th generation processors, is related to synchronization errors when using common resources. Exploiting this vulnerability can allow attackers to increase their...