CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Snyk•added 2026/04/15 10:16 a.m.•6 views

LDAP Injection

Overview Affected versions of this package are vulnerable to LDAP Injection via the parseDN handling and the LDAP store helpers in X509LDAPCertStoreSpi and LDAPStoreHelper. An attacker can influence LDAP search filters by supplying a crafted X.500 subject or issuer string that is parsed into an...

7.3CVSS5.7AI score0.00494EPSS

Tenable Nessus•added 2025/11/13 12:0 a.m.•3 views

Siemens SIMATIC S7-1500 Reachable Assertion (CVE-2020-36230)

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.5CVSS6.8AI score0.1229EPSS

Exploits0References3

Tenable Nessus•added 2025/08/30 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2020-36230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial...

7.5CVSS8.8AI score0.1229EPSS

F5 Networks•added 2024/06/18 6:22 p.m.•51 views

K000140040: OpenLDAP slapd vulnerabilities CVE-2020-36230, CVE-2020-36229, CVE-2017-17740, CVE-2017-9287, and CVE-2017-14159

Security Advisory Description CVE-2020-36230 A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service. CVE-2020-36229 A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57...

7.5CVSS6.5AI score0.1229EPSS

Exploits1

SUSE CVE•added 2023/10/31 2:27 a.m.•1 views

SUSE CVE-2021-3480

A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...

7.5CVSS6.7AI score0.01669EPSS

SUSE CVE•added 2023/02/15 3:50 a.m.•2 views

SUSE CVE-2020-36230

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...

7.5CVSS8.9AI score0.1229EPSS

Exploits0References122

OpenVAS•added 2021/12/31 12:0 a.m.•8 views

Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2021-2895)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.84224EPSS

Exploits1References2

Tenable Nessus•added 2021/07/01 12:0 a.m.•31 views

EulerOS Virtualization 3.0.6.6 : openldap (EulerOS-SA-2021-2029)

According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c...

Tenable Nessus•added 2021/06/30 12:0 a.m.•27 views

EulerOS Virtualization for ARM 64 3.0.6.0 : openldap (EulerOS-SA-2021-2004)

According to the versions of the openldap packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the...

RedHat Linux•added 2021/05/19 8:46 a.m.•1 views

slapi-nis: NULL dereference (DoS) with specially crafted Binding DN

A flaw was found in slapi-nis. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability...

7.5CVSS5.7AI score0.01669EPSS

Exploits0References4

Tenable Nessus•added 2021/05/18 12:0 a.m.•39 views

EulerOS 2.0 SP5 : openldap (EulerOS-SA-2021-1906)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via ...

Tenable Nessus•added 2021/04/30 12:0 a.m.•41 views

EulerOS 2.0 SP3 : openldap (EulerOS-SA-2021-1824)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in...

Veracode•added 2021/04/29 12:13 p.m.•31 views

Denial Of Service (DoS)

openldap is vulnerable to denial of service. An assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement results in a denial of service condition...

7.5CVSS3.1AI score0.1229EPSS

Exploits0References18Affected Software1

Tenable Nessus•added 2021/04/15 12:0 a.m.•27 views

EulerOS Virtualization 2.9.1 : openldap (EulerOS-SA-2021-1719)

According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateChec...

Tenable Nessus•added 2021/03/10 12:0 a.m.•35 views

SUSE SLED15 / SLES15 Security Update : openldap2 (SUSE-SU-2021:0723-1)

This update for openldap2 fixes the following issues : bsc1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service. bsc1182411 CVE-2020-36229 - ldapX509dn2bv crash in the X.509 DN parsing in adkeystring, resulting in...

7.5CVSS6.9AI score0.84224EPSS

Exploits1References34

Mageia•added 2021/03/04 4:53 p.m.•45 views

Updated openldap packages fix security vulnerabilities

It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service CVE-2020-36221. It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...

7.5CVSS2.7AI score0.84224EPSS

Exploits1References3

Ubuntu•added 2021/02/08 12:55 p.m.•139 views

USN-4724-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36221 It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...

7.5CVSS7.5AI score0.84224EPSS

Exploits0

Tenable Nessus•added 2021/02/05 12:0 a.m.•36 views

EulerOS 2.0 SP9 : openldap (EulerOS-SA-2021-1250)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resultin...