15 matches found
EUVD-2022-35084
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-2850
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a speciall...
Rocky Linux 9 : 389-ds-base (RLSA-2022:8162)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8162 advisory. - A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a...
Amazon Linux 2 : 389-ds-base (ALAS-2022-1879)
The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1879 advisory. A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL...
Medium: 389-ds-base
Issue Overview: A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. CVE-2022-2850 Affected Packages...
Rocky Linux 8 : 389-ds:1.4 (RLSA-2022:7133)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7133 advisory. - A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a special...
Oracle Linux 8 : 389-ds:1.4 (ELSA-2022-7133)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7133 advisory. 1.4.3.28-8 - Bump version to 1.4.3.28-8 - Resolves: Bug 2131743 - SIGSEGV in syncrepl Tenable has extracted the preceding description block directly from the...
DEBIAN-CVE-2022-2850
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...
CVE-2022-2850
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...
CVE-2022-2850
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...
CVE-2022-2850
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...
CVE-2022-2850
Summary: CVE-2022-2850 affects 389-ds-base where the Content Synchronization plugin, when enabled, allows an authenticated user to trigger a NULL pointer dereference and cause a denial of service. This entry is tied to an incomplete fix for CVE-2021-3514. What’s affected (from connected docs): 38...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2022-2437)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-2850
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...
389-ds-base: sync_repl NULL pointer dereference in sync_create_state_control()
A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. The highest threat from this vulnerability is t...