Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-19471

Malware in sbrugna...

4.3CVSS4.9AI score0.01073EPSS
Exploits1References3
NVD
NVD
added 2025/07/21 6:15 p.m.6 views

CVE-2025-52575

EspoCRM is an Open Source CRM Customer Relationship Management software. EspoCRM versions 9.1.6 and earlier are vulnerable to blind LDAP Injection when LDAP authentication is enabled. A remote, unauthenticated attacker can manipulate LDAP queries by injecting crafted input containing wildcard...

6.5CVSS0.00705EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/27 2:14 p.m.45 views

Security Bulletin: The Bouncy Castle Crypto Package For Java (bc-java) component is vulnerable to CVE-2023-33201 is used by IBM Maximo Application Suite

Summary IBM Maximo Application Suite uses The Bouncy Castle Crypto Package For Java bc-java package which is vulnerable to CVE-2023-33201. Vulnerability Details CVEID:CVE-2023-33201 DESCRIPTION: The Bouncy Castle Crypto Package For Java bc-java could allow a remote attacker to obtain sensitive...

5.3CVSS6.3AI score0.00772EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/25 9:55 p.m.50 views

Security Bulletin: Vulnerability with bcprov-jdk affect IBM Cloud Object Storage Systems (Sept2023)

Summary Vulnerability with bcprov-jdk CVE-2023-33201 This vulnerability have been addressed in the latest ClevOS releases Vulnerability Details CVEID:CVE-2023-33201 DESCRIPTION: The Bouncy Castle Crypto Package For Java bc-java could allow a remote attacker to obtain sensitive information, caused...

5.3CVSS6.4AI score0.00772EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/07 12:48 p.m.23 views

Security Bulletin: A vulnerability has been identified in the IBM Storage Scale GUI where a remote authenticated user can execute commands (CVE-2023-33201)

Summary A security vulnerability has been identified in all levels of IBM Storage Scale GUI that could allow a remote authenticated user to execute commands. A fix for this vulnerability is available. Vulnerability Details CVEID:CVE-2023-33201 DESCRIPTION: The Bouncy Castle Crypto Package For Jav...

5.3CVSS6.5AI score0.00772EPSS
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2023/07/07 12:55 p.m.36 views

Mastodon Social Network Patches Critical Flaws Allowing Server Takeover

Mastodon, a popular decentralized social network, has released a security update to fix critical vulnerabilities that could expose millions of users to potential attacks. Mastodon is known for its federated model, consisting of thousands of separate servers called "instances," and it has over 14...

7.7AI score0.4011EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2023/06/29 4:28 p.m.113 views

CVE-2023-33201

A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain...

5.3CVSS5.1AI score0.00772EPSS
Exploits0References4
OSV
OSV
added 2021/06/01 6:15 p.m.13 views

CVE-2021-32651

OneDev is a development operations platform. If the LDAP external authentication mechanism is enabled in OneDev versions 4.4.1 and prior, an attacker can manipulate a user search filter to send forged queries to the application and explore the LDAP tree using Blind LDAP Injection techniques. The...

4.3CVSS7.2AI score
Exploits0References2
Prion
Prion
added 2021/06/01 6:15 p.m.19 views

Design/Logic Flaw

OneDev is a development operations platform. If the LDAP external authentication mechanism is enabled in OneDev versions 4.4.1 and prior, an attacker can manipulate a user search filter to send forged queries to the application and explore the LDAP tree using Blind LDAP Injection techniques. The...

4.3CVSS5AI score0.01073EPSS
Exploits1References2Affected Software1
Typo3
Typo3
added 2011/11/15 12:0 a.m.15 views

Authentication Bypass and Blind LDAP Injection in extension eu_ldap

It has been discovered that the extension euladap is vulnerable to Authentication Bypass and Blind LDAP Injection Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 2.8.10 and all versions below Vulnerability Type:...

7.1AI score
Exploits0Affected Software1
Rows per page
Query Builder