CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/06/09 2:16 p.m.•8 views

DEBIAN-CVE-2026-11787

A flaw was found in 389 Directory Server. The ldaputf8prev function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior...

6.3CVSS5.7AI score0.00202EPSS

OSV•added 2026/06/09 2:16 p.m.•5 views

UBUNTU-CVE-2026-11789

A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication...

6.5CVSS5.5AI score0.00335EPSS

Exploits0References5

Microsoft CVE•added 2026/06/09 2:0 p.m.•8 views

Windows Projected File System Elevation of Privilege Vulnerability

Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00299EPSS

Exploits0

CVE•added 2026/06/09 1:2 p.m.•22 views

CVE-2026-11789

Affected software : 389 Directory Server (389-ds-base). Vulnerable component : SMD5 password storage plugin. Root cause : unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read and LDAP server crash during authenticatio...

6.5CVSS5.7AI score0.00335EPSS

Exploits0References3Affected Software3

Cvelist•added 2026/06/09 1:2 p.m.•26 views

CVE-2026-11789 389-ds-base: 389-ds-base: smd5 password storage plugin salt length integer underflow crash

4.9CVSS0.00335EPSS

Vulnrichment•added 2026/06/09 1:2 p.m.•6 views

CVE-2026-11789 389-ds-base: 389-ds-base: smd5 password storage plugin salt length integer underflow crash

4.9CVSS5.7AI score0.00335EPSS

Debian CVE•added 2026/06/09 1:2 p.m.•7 views

CVE-2026-11789

6.5CVSS5.7AI score0.00335EPSS

Exploits0

CVE•added 2026/06/09 1:2 p.m.•19 views

CVE-2026-11787

The CVE-2026-11787 entry concerns 389 Directory Server (389-ds-base). A heap buffer over-read occurs in the ldap_utf8prev() function when reading bytes before the start of a buffer during string filter parsing (via str2simple), which may influence internal filter processing behavior. Documented i...

6.3CVSS5.7AI score0.00202EPSS

Exploits0References3Affected Software3

Positive Technologies•added 2026/06/09 12:0 a.m.•8 views

PT-2026-47880

Name of the Vulnerable Software and Affected Versions Windows Projected File System Filter Driver affected versions not specified Description A buffer over-read in the Windows Projected File System ProjFS filter driver allows an authorized attacker to perform a local privilege escalation. This...

7.8CVSS5.6AI score0.00299EPSS

Positive Technologies•added 2026/06/09 12:0 a.m.•8 views

PT-2026-47779

4.9CVSS5.7AI score0.00335EPSS

Exploits0References4

CNNVD•added 2026/06/09 12:0 a.m.•5 views

389 Directory Server 数字错误漏洞

389 Directory Server is an open-source implementation of a highly available, fully functional, reliable, and secure LDAP server. 389 Directory Server has a numerical error vulnerability, which stems from the SMD5 password storage plugin executing an unsigned integer underflow when calculating...

6.5CVSS5.5AI score0.00335EPSS

Tenable Nessus•added 2026/06/09 12:0 a.m.•13 views

Linux Distros Unpatched Vulnerability : CVE-2026-44185

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: fro...

Tenable Nessus•added 2026/06/09 12:0 a.m.•4 views

EulerOS 2.0 SP11 : libsoup (EulerOS-SA-2026-2251)

According to the versions of the libsoup packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in th...

9.1CVSS6.5AI score0.0043EPSS

Exploits0References5

Cvelist•added 2026/06/08 3:22 p.m.•53 views

CVE-2026-44185 Apache HTTP Server: Stack Buffer Over-Read in mod_ssl OCSP `send_request`

Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

0.0047EPSS

Vulnrichment•added 2026/06/08 3:22 p.m.•16 views

CVE-2026-44185 Apache HTTP Server: Stack Buffer Over-Read in mod_ssl OCSP `send_request`

5.4AI score0.0047EPSS

CVE•added 2026/06/08 3:22 p.m.•30 views

CVE-2026-44185

CVE-2026-44185 describes a buffer over-read in Apache HTTP Server when handling outbound OCSP requests to an attacker-controlled OCSP server. Affected versions are 2.4.0 through 2.4.67. The vulnerability is associated with the OCSP handling path (mod_ssl OCSP send_request) and can enable an attac...

Exploits0References2Affected Software1

ATTACKERKB•added 2026/06/08 3:22 p.m.•5 views

CVE-2026-44185

5.4AI score0.0047EPSS

Exploits0References2Affected Software1

Debian CVE•added 2026/06/08 3:22 p.m.•5 views

CVE-2026-44185

CNNVD•added 2026/06/08 12:0 a.m.•4 views

Exploits0

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There were security vulnerabilities in Apache HTTP Server versions 2.4.0 to 2.4.67. These...