Lucene search
K

56 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:32 a.m.2 views

SUSE CVE-2022-2850

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...

6.5CVSS6.3AI score0.01238EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2023/01/26 5:15 p.m.3 views

389-ds-base: SIGSEGV in sync_repl

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...

6.5CVSS5.8AI score0.01238EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/12/07 11:55 a.m.5 views

389-ds-base: SIGSEGV in sync_repl

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...

6.5CVSS5.8AI score0.01238EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/12/07 12:0 a.m.40 views

Amazon Linux 2 : 389-ds-base (ALAS-2022-1879)

The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1879 advisory. A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL...

6.5CVSS6.7AI score0.01238EPSS
Exploits1References3
Amazon
Amazon
added 2022/12/06 12:0 a.m.31 views

Medium: 389-ds-base

Issue Overview: A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. CVE-2022-2850 Affected Packages...

6.5CVSS6.7AI score0.01238EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2022/11/29 2:5 p.m.3 views

389-ds-base: SIGSEGV in sync_repl

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...

6.5CVSS5.8AI score0.01238EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/11/19 12:0 a.m.95 views

AlmaLinux 9 : 389-ds-base (ALSA-2022:8162)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8162 advisory. - A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denia...

7.5CVSS6.7AI score0.05914EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2022/11/17 12:0 a.m.34 views

Rocky Linux 8 : 389-ds:1.4 (RLSA-2022:7133)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7133 advisory. - A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a special...

6.5CVSS6.6AI score0.01238EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2022/11/15 1:30 p.m.4 views

389-ds-base: SIGSEGV in sync_repl

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...

6.5CVSS5.8AI score0.01238EPSS
Exploits1References4
Veracode
Veracode
added 2022/11/10 12:44 a.m.23 views

Denial Of Service (DoS)

389-ds-base is vulnerable to Denial Of Service DoS. The vulnerability exists when the content synchronization plugin is enabled, allowing an attacker crash the application through the null pointer dereference by providing a maliciously crafted query...

6.5CVSS6.3AI score0.01238EPSS
Exploits1References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/10/28 12:0 a.m.45 views

AlmaLinux 8 : 389-ds:1.4 (ALSA-2022:7133)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7133 advisory. 389-ds-base: SIGSEGV in syncrepl CVE-2022-2850 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that Nessu...

6.5CVSS6.9AI score0.01238EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/10/27 12:0 a.m.27 views

Oracle Linux 8 : 389-ds:1.4 (ELSA-2022-7133)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7133 advisory. 1.4.3.28-8 - Bump version to 1.4.3.28-8 - Resolves: Bug 2131743 - SIGSEGV in syncrepl Tenable has extracted the preceding description block directly from the...

6.5CVSS6.9AI score0.01238EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2022/10/25 9:8 a.m.3 views

389-ds-base: SIGSEGV in sync_repl

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...

6.5CVSS5.8AI score0.01238EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/10/25 7:33 a.m.7 views

389-ds-base: SIGSEGV in sync_repl

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service...

6.5CVSS5.8AI score0.01238EPSS
Exploits1References4
NVD
NVD
added 2022/10/14 6:15 p.m.25 views

CVE-2022-2850

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...

6.5CVSS0.01238EPSS
Exploits1References4
OSV
OSV
added 2022/10/14 6:15 p.m.22 views

CVE-2022-2850

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...

6.5CVSS6.2AI score0.01238EPSS
Exploits1References4
OSV
OSV
added 2022/10/14 6:15 p.m.2 views

DEBIAN-CVE-2022-2850

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...

6.5CVSS6.6AI score0.01238EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/10/14 6:15 p.m.33 views

CVE-2022-2850

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...

6.5CVSS6.7AI score0.01238EPSS
Exploits1References4
OSV
OSV
added 2022/10/14 6:15 p.m.5 views

UBUNTU-CVE-2022-2850

A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix ...

6.5CVSS6.7AI score0.01238EPSS
Exploits1References5
CVE
CVE
added 2022/10/14 12:0 a.m.232 views

CVE-2022-2850

Summary: CVE-2022-2850 affects 389-ds-base where the Content Synchronization plugin, when enabled, allows an authenticated user to trigger a NULL pointer dereference and cause a denial of service. This entry is tied to an incomplete fix for CVE-2021-3514. What’s affected (from connected docs): 38...

6.5CVSS6.3AI score0.01238EPSS
Exploits1References4Affected Software2
Rows per page
Query Builder