Lucene search

16 matches found

SUSE CVE
added 2026/05/22 2:19 a.m., 6 views

SUSE CVE-2026-44063

An LDAP injection vulnerability in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to manipulate LDAP queries and obtain limited information or modify LDAP entries via crafted filter input...

CVSS 4.2, AI score 5.8, EPSS 0.00043
Exploits: 0, References: 3

Vulnrichment
added 2026/05/21 7:34 a.m., 3 views

CVE-2026-44063 LDAP filter injection

An LDAP injection vulnerability in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to manipulate LDAP queries and obtain limited information or modify LDAP entries via crafted filter input...

CVSS 4.2, AI score 5.8, EPSS 0.00043
Exploits: 0, References: 1

RedHat Linux
added 2026/05/18 12:21 p.m., 7 views

bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The LDAPStoreHelper implementation fails to properly neutralize special elements in user-supplied input before incorporating them into LDAP queries. This allows a remote attacker to execute an LDAP injection attack by supplying...

CVSS 6.9, AI score 5.8, EPSS 0.00022
Exploits: 0, References: 6

RedHat Linux
added 2026/05/18 12:12 p.m., 11 views

bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java

A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The LDAPStoreHelper implementation fails to properly neutralize special elements in user-supplied input before incorporating them into LDAP queries. This allows a remote attacker to execute an LDAP injection attack by supplying...

CVSS 6.9, AI score 5.8, EPSS 0.00022
Exploits: 0, References: 6

SUSE CVE
added 2026/04/23 1:24 a.m., 2 views

SUSE CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

CVSS 5.3, AI score 5.8, EPSS 0.00003
Exploits: 0, References: 3

NVD
added 2026/04/22 2:16 p.m., 0 views

CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

CVSS 6.5, EPSS 0.00003
Exploits: 0, References: 1

UbuntuCve
added 2026/04/22 2:16 p.m., 1 views

CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

CVSS 6.5, AI score 5.8, EPSS 0.00003
Exploits: 0, References: 2

CVE
added 2026/04/17 1:18 p.m., 7 views

CVE-2026-40459

CVE-2026-40459 concerns the PAC4J library, which is vulnerable to LDAP Injection in multiple methods. A low-privileged, remote attacker can inject crafted LDAP syntax into ID-based search parameters, potentially causing unauthorized LDAP queries and arbitrary directory operations. The vulnerabili...

CVSS 8.8, AI score 5.9, EPSS 0.00057
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2025/09/17 5:15 p.m., 1 views

CVE-2025-35431

CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated remote attacker can modify LDAP authorization data such as group memberships. Fixed in 1.1.1...

CVSS 5.3, AI score 6.9, EPSS 0.00082
Exploits: 0, References: 4

CVE
added 2025/09/17 4:52 p.m., 9 views

CVE-2025-35431

CVE-2025-35431 affects CISA Thorium: LDAP injection arises from not escaping user-controlled LDAP query strings. An authenticated remote attacker could modify LDAP authorization data (e.g., group memberships). Root cause is lack of escaping in LDAP queries; impact includes potential unauthorized ...

CVSS 5.4, AI score 6.5, EPSS 0.00082
Exploits: 0, References: 4, Affected Software: 1

ICS
added 2025/09/16 12:0 a.m., 4 views

CISA Thorium multiple vulnerabilities

RISK EVALUATION: CISA Thorium is a framework used for malware analysis. Multiple vulnerabilities were reported in Thorium. Impacts include denial of service, authenticated arbitrary file read, and failure to expire previously issued user tokens. 2. RECOMMENDED PRACTICES: These issues were...

CVSS 6.5, AI score 7.3, EPSS 0.00082
Exploits: 0, References: 1

OSV
added 2022/05/19 2:39 p.m., 0 views

USN-5424-2 openldap vulnerability

USN-5424-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A...

CVSS 9.8, AI score 5.9, EPSS 0.13614
Exploits: 1, References: 2

CNVD
added 2020/04/29 12:0 a.m., 6 views

Samba Resource Management Error Vulnerability (CNVD-2020-32368)

Samba is a set of free software from the Samba team that enables UNIX series operating systems to connect to the SMB/CIFS network protocol of Microsoft Windows operating systems. The program supports sharing printers, transferring data files to each other, and so on. A resource management error...

CVSS 7.5, AI score 8.8, EPSS 0.14522
Exploits: 0, References: 1

OSV
added 2017/01/25 9:5 p.m., 0 views

USN-3179-1 openjdk-8 vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes...

CVSS 9.6, AI score 6.9, EPSS 0.7287
Exploits: 13, References: 14

OpenVAS
added 2010/01/28 12:0 a.m., 19 views

Tor Directory Queries Information Disclosure Vulnerability - Linux

Tor is prone to an information disclosure vulnerability.

CVSS 5, AI score 6, EPSS 0.00464
Exploits: 0, References: 4

OpenVAS
added 2010/01/28 12:0 a.m., 18 views

Tor < 0.2.1.22, 0.2.2.x < 0.2.2.7-alpha Directory Queries Information Disclosure Vulnerability - Windows

Tor is prone to an information disclosure vulnerability.

CVSS 5, AI score 6, EPSS 0.00435
Exploits: 0, References: 4