EUVD-2022-35084

Malicious code in bioql PyPI...

EUVD-2025-31414

Malicious code in bioql PyPI...

CVE-2025-9894

The Sync Feedly plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the crsfcronjobfunc function. This makes it possible for unauthenticated attackers to trigger content synchronizati...

CVE-2025-9894 Sync Feedly <= 1.0.1 - Cross-Site Request Forgery to Sync Trigger

The Sync Feedly plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the crsfcronjobfunc function. This makes it possible for unauthenticated attackers to trigger content synchronizati...

CVE-2025-9894 Sync Feedly <= 1.0.1 - Cross-Site Request Forgery to Sync Trigger

The Sync Feedly plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the crsfcronjobfunc function. This makes it possible for unauthenticated attackers to trigger content synchronizati...

Linux Distros Unpatched Vulnerability : CVE-2022-2850

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a speciall...

Rocky Linux 9 : 389-ds-base (RLSA-2022:8162)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8162 advisory. - A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a...

SUSE CVE-2022-2850

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...

389-ds-base: SIGSEGV in sync_repl

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...

389-ds-base: SIGSEGV in sync_repl

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...

Amazon Linux 2 : 389-ds-base (ALAS-2022-1879)

The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1879 advisory. A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL...

Medium: 389-ds-base

Issue Overview: A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. CVE-2022-2850 Affected Packages...

389-ds-base: SIGSEGV in sync_repl

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...

AlmaLinux 9 : 389-ds-base (ALSA-2022:8162)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8162 advisory. - A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denia...

Rocky Linux 8 : 389-ds:1.4 (RLSA-2022:7133)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7133 advisory. - A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a special...

389-ds-base: SIGSEGV in sync_repl

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...

Denial Of Service (DoS)

389-ds-base is vulnerable to Denial Of Service DoS. The vulnerability exists when the content synchronization plugin is enabled, allowing an attacker crash the application through the null pointer dereference by providing a maliciously crafted query...

AlmaLinux 8 : 389-ds:1.4 (ALSA-2022:7133)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7133 advisory. 389-ds-base: SIGSEGV in syncrepl CVE-2022-2850 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessu...

Oracle Linux 8 : 389-ds:1.4 (ELSA-2022-7133)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7133 advisory. 1.4.3.28-8 - Bump version to 1.4.3.28-8 - Resolves: Bug 2131743 - SIGSEGV in syncrepl Tenable has extracted the preceding description block directly from the...

389-ds-base: SIGSEGV in sync_repl

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...