336 matches found
CVE-2026-33248
NATS-Server has an authentication bypass vulnerability in mTLS verify_and_map where certain RDN patterns in the client certificate Subject DN were not correctly enforced. A valid certificate from a trusted CA could bypass identity checks on versions prior to 2.11.15 and 2.12.6. The issue is consi...
CVE-2026-33248
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using mTLS for client identity, with verifyandmap to derive a NATS identity from the client certificate's Subject DN, certain patterns of RDN would not be...
SUSE-SU-2026:20933-1 Security update for python-ldap
This update for python-ldap fixes the following issues: - CVE-2025-61911: Enforce str for escapefilterchars bsc1251912. - CVE-2025-61912: Escape NULs as per RFC 4514 in escapednchars bsc1251913...
CVE-2026-30871
OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the parsequestion function. The issue is triggered by PTR queries for reverse DNS domains .in-addr.arpa and .ip6.arp...
CVE-2026-30871
OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the parsequestion function. The issue is triggered by PTR queries for reverse DNS domains .in-addr.arpa and .ip6.arp...
EulerOS Virtualization 2.12.1 : python-ldap (EulerOS-SA-2026-1456)
According to the versions of the python-ldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitizatio...
EulerOS Virtualization 2.10.0 : python-ldap (EulerOS-SA-2026-1563)
According to the versions of the python-ldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitizatio...
EulerOS 2.0 SP12 : python-ldap (EulerOS-SA-2026-1377)
According to the versions of the python-ldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method...
EulerOS 2.0 SP12 : python-ldap (EulerOS-SA-2026-1408)
According to the versions of the python-ldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method...
EulerOS Virtualization 2.10.1 : python-ldap (EulerOS-SA-2026-1543)
According to the versions of the python-ldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitizatio...
EulerOS 2.0 SP10 : python-ldap (EulerOS-SA-2026-1346)
According to the versions of the python-ldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method...
Fedora 43 : p11-kit (2026-f1fabb2a49)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f1fabb2a49 advisory. Notable changes from the rebase: pkcs11: Update PKCS11 headers to version 3.2 rpc: fix NULL dereference via CDeriveKey with specific NULL parameters...
OESA-2026-1248 python-ldap security update
python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...
MiracleLinux 7 : 389-ds-base-1.3.10.2-12.el7 (AXSA:2021-1847:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1847:03 advisory. 389-ds-base: information disclosure during the binding of a DN CVE-2020-35518 Tenable has extracted the preceding description block directly from the...
MiracleLinux 8 : 389-ds:1.4 (AXSA:2021-1657:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1657:01 advisory. 389-ds-base: information disclosure during the binding of a DN CVE-2020-35518 Tenable has extracted the preceding description block directly from the...
MiracleLinux 4 : 389-ds-base-1.2.11.15-91.AXS4 (AXSA:2017-1583:03)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1583:03 advisory. 389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. Security...
MiracleLinux 7 : 389-ds-base-1.3.7.5-28.el7 (AXSA:2018-3329:08)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3329:08 advisory. 389-ds-base: race condition on reference counter leads to DoS using persistent search CVE-2018-10850 389-ds-base: ldapsearch with server side sort...
MiracleLinux 4 : bind-dyndb-ldap-1.1.0-0.9.b1.1.0.1.AXS4 (AXSA:2012-834:04)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-834:04 advisory. This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP serve...
CVE-2025-23753
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digireturn DN Sitemap Control dn-sitemap-control allows Reflected XSS.This issue affects DN Sitemap Control: from n/a through = 1.0.6...
EulerOS Virtualization 2.13.1 : python-ldap (EulerOS-SA-2025-2629)
According to the versions of the python-ldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitizatio...