Lucene search
K

336 matches found

CVE
CVE
added 2026/03/25 8:18 p.m.12 views

CVE-2026-33248

NATS-Server has an authentication bypass vulnerability in mTLS verify_and_map where certain RDN patterns in the client certificate Subject DN were not correctly enforced. A valid certificate from a trusted CA could bypass identity checks on versions prior to 2.11.15 and 2.12.6. The issue is consi...

4.2CVSS5.8AI score0.00143EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/03/25 8:18 p.m.6 views

CVE-2026-33248

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using mTLS for client identity, with verifyandmap to derive a NATS identity from the client certificate's Subject DN, certain patterns of RDN would not be...

4.2CVSS5.8AI score0.00143EPSS
Exploits0
OSV
OSV
added 2026/03/25 10:48 a.m.3 views

SUSE-SU-2026:20933-1 Security update for python-ldap

This update for python-ldap fixes the following issues: - CVE-2025-61911: Enforce str for escapefilterchars bsc1251912. - CVE-2025-61912: Escape NULs as per RFC 4514 in escapednchars bsc1251913...

6.9CVSS5.9AI score0.00427EPSS
Exploits2References5
NVD
NVD
added 2026/03/19 10:16 p.m.11 views

CVE-2026-30871

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the parsequestion function. The issue is triggered by PTR queries for reverse DNS domains .in-addr.arpa and .ip6.arp...

9.8CVSS0.01211EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/19 9:49 p.m.4 views

CVE-2026-30871

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the parsequestion function. The issue is triggered by PTR queries for reverse DNS domains .in-addr.arpa and .ip6.arp...

9.5CVSS5.9AI score0.01211EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.6 views

EulerOS Virtualization 2.12.1 : python-ldap (EulerOS-SA-2026-1456)

According to the versions of the python-ldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitizatio...

6.9CVSS6.5AI score0.00427EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.6 views

EulerOS Virtualization 2.10.0 : python-ldap (EulerOS-SA-2026-1563)

According to the versions of the python-ldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitizatio...

6.9CVSS6.5AI score0.00427EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.5 views

EulerOS 2.0 SP12 : python-ldap (EulerOS-SA-2026-1377)

According to the versions of the python-ldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method...

6.9CVSS5.9AI score0.00427EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.7 views

EulerOS 2.0 SP12 : python-ldap (EulerOS-SA-2026-1408)

According to the versions of the python-ldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method...

6.9CVSS5.9AI score0.00427EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.7 views

EulerOS Virtualization 2.10.1 : python-ldap (EulerOS-SA-2026-1543)

According to the versions of the python-ldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitizatio...

6.9CVSS6.5AI score0.00427EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.7 views

EulerOS 2.0 SP10 : python-ldap (EulerOS-SA-2026-1346)

According to the versions of the python-ldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method...

6.9CVSS5.9AI score0.00427EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/02/11 12:0 a.m.8 views

Fedora 43 : p11-kit (2026-f1fabb2a49)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f1fabb2a49 advisory. Notable changes from the rebase: pkcs11: Update PKCS11 headers to version 3.2 rpc: fix NULL dereference via CDeriveKey with specific NULL parameters...

7.5CVSS6AI score0.0116EPSS
Exploits0References2
OSV
OSV
added 2026/01/30 12:27 p.m.7 views

OESA-2026-1248 python-ldap security update

python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...

6.9CVSS6.6AI score0.00427EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : 389-ds-base-1.3.10.2-12.el7 (AXSA:2021-1847:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1847:03 advisory. 389-ds-base: information disclosure during the binding of a DN CVE-2020-35518 Tenable has extracted the preceding description block directly from the...

5.3CVSS5.6AI score0.01538EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : 389-ds:1.4 (AXSA:2021-1657:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1657:01 advisory. 389-ds-base: information disclosure during the binding of a DN CVE-2020-35518 Tenable has extracted the preceding description block directly from the...

5.3CVSS5.6AI score0.01538EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 4 : 389-ds-base-1.2.11.15-91.AXS4 (AXSA:2017-1583:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1583:03 advisory. 389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. Security...

6.5CVSS6.4AI score0.02627EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

MiracleLinux 7 : 389-ds-base-1.3.7.5-28.el7 (AXSA:2018-3329:08)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3329:08 advisory. 389-ds-base: race condition on reference counter leads to DoS using persistent search CVE-2018-10850 389-ds-base: ldapsearch with server side sort...

7.5CVSS6.8AI score0.0265EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

MiracleLinux 4 : bind-dyndb-ldap-1.1.0-0.9.b1.1.0.1.AXS4 (AXSA:2012-834:04)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-834:04 advisory. This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP serve...

5CVSS6.7AI score0.03072EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/09 8:48 a.m.4 views

CVE-2025-23753

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digireturn DN Sitemap Control dn-sitemap-control allows Reflected XSS.This issue affects DN Sitemap Control: from n/a through = 1.0.6...

7.1CVSS5.9AI score0.00363EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.4 views

EulerOS Virtualization 2.13.1 : python-ldap (EulerOS-SA-2025-2629)

According to the versions of the python-ldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitizatio...

6.9CVSS6.4AI score0.00427EPSS
Exploits2References3
Rows per page
Query Builder