14 matches found
EUVD-2026-32718
A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol (LDAP) server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password...
Zabbix 6.0.x < 6.0.41 / 7.0.x < 7.0.18 / 7.2.x < 7.2.12 / 7.4.x < 7.4.2 Multiple Vulnerabilities
The version of Zabbix Server installed on the remote host is prior to 6.0.41, 7.0.18, 7.2.12, 7.4.2. It is, therefore, affected by multiple vulnerabilities: - An issue exists due to the LDAP 'Bind password' value being leaked when a Super Admin changes the LDAP 'Host' to a rogue LDAP server. An...
GHSA-PRH4-VHFH-24MJ Harbor: LDAP password and OIDC secret are not redacted in the audit log
Impact: Harbor writes the configuration payload to the audit log when the configuration changes, so the ldap_search_password and oidc_client_secret are logged in the audit log without redaction. Patches: Harbor v2.15.0, v2.14.3, v2.13.5. Workarounds: Disable audit log configure event in Harbor Web Console: Go to...
Harbor: LDAP password and OIDC secret are not redacted in the audit log
Impact: Harbor writes the configuration payload to the audit log when the configuration changes, so the ldap_search_password and oidc_client_secret are logged in the audit log without redaction. Patches: Harbor v2.15.0, v2.14.3, v2.13.5. Workarounds: Disable audit log configure event in Harbor Web Console: Go to...
EUVD-1999-1073
Malware in sbrugna...
PVS Configuration Wizard fails when connecting to the database
The customer has PVS servers running in Azure. In the PVS Configuration Wizard's "Database Server" dialogue, specifying Authentication "Active Directory Password" and then proceeding to specify a domain username and password results in an error...
CVE-2020-17477
Incorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow remote teachers, staff, and school administrators to read LDAP password hashes (sambaNTPassword, krb5Key, sambaPasswordHistory, and pwhistory) via LDAP search requests. For example, a teacher can gain...
PT-2023-22011 · Apereo · Apereo Cas
Name of the Vulnerable Software and Affected Versions: Apereo CAS versions prior to 6.6.6. Description: The issue concerns Apereo CAS, an open source single sign-on solution. It can be configured to use authentication based on client X509 certificates, which can be provided via TLS handshake or a...
SUSE CVE-2013-2006
OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive information by reading the log file...
Jenkins Plugin Reverse Proxy Auth Security Vulnerability
Jenkins and Jenkins Plugin are both open source Jenkins products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...
Broadcom Symantec Messaging Gateway (SMG) Information Disclosure Vulnerability
Broadcom Symantec Messaging Gateway (Broadcom SMG) is an internal email security solution from Broadcom, Inc. An information disclosure vulnerability exists in Broadcom Symantec Messaging Gateway (SMG) version 10.7, which originates from an authenticated, malicious SMG administrator user being able t...
PYSEC-2022-43150
Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for the LDAP password, which may lead to information disclosure...
Atlassian Crowd Remote Directory Password Vulnerability
Atlassian Crowd is a Web-based single sign-on system from Atlassian Australia. The system provides authentication, authorization, and other functions for multiple users, web applications, and directory servers. A security vulnerability exists in Atlassian Crowd versions prior to 2.10.1. An attack...
PYSEC-2013-40
OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive information by reading the log file...