Lucene search
K

1800 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in the 389-DS-base

A flaw was discovered in 389-ds-base. If an asterisk is imported as password hashes, either accidentally or maliciously, then any password will successfully match during authentication, instead of being inactive. This flaw allows an attacker to successfully authenticate as a user whose password h...

6.5CVSS6.6AI score0.01428EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in the 389-DS-base

A heap overflow flaw was discovered in 389-ds-base. This issue causes a denial of service when writing a value larger than 256 characters in logentryattr...

5.5CVSS6.1AI score0.00304EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in the 389-DS-base

In the 389-ds-base up to version 1.4.1.2, requests are processed by worker threads. Each socket is waited for by the worker for no more than ‘ioblocktimeout’ seconds. However, this timeout applies only to un-encrypted requests. Connections that use SSL/TLS do not take this timeout into account...

7.5CVSS6.3AI score0.08426EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in the 389-DS-base

The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying userPassword using malformed input...

5.7CVSS6.6AI score0.00423EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in the 389-DS-base

A flaw has been discovered in 389-ds-base versions 1.4.x.x prior to 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker who can view the screen or record the terminal’s standard error outpu...

4.6CVSS6.1AI score0.00396EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in the 389-DS-base

A flaw was discovered in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can access a NULL pointer dereferencing using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is associated with an incomple...

6.5CVSS6.7AI score0.01238EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in slapi-nis

A flaw was discovered in slapi-nis in versions prior to 0.56.7. A NULL pointer dereferencing during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The greatest threat from this vulnerability is to system availability...

7.5CVSS7.1AI score0.01701EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Mariadb 10.3

MariaDB Server before version 10.7 is vulnerable to Denial of Service attacks. In the file extra/mariabackup/dscompress.cc, when an error occurs i.e., transitioning to the error label during the execution of the createworkerthreads method, the held lock thd-ctrlmutex is not released properly. Thi...

5.5CVSS6.8AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in the 389-DS-base

A flaw was discovered in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, resulting in a denial of service...

6.5CVSS6.5AI score0.00923EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in the 389-DS-base

A flaw was discovered in 389-ds-base. A specially crafted LDAP query may potentially cause a failure on the directory server, resulting in a denial of service...

7.5CVSS6.9AI score0.01256EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.13 views

PT-2026-42138

Name of the Vulnerable Software and Affected Versions 389-ds-base affected versions not specified Description A flaw exists in the LDAP server where the get ldapmessage controls ext function fails to enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated...

7.5CVSS5.8AI score0.00815EPSS
Exploits0References54
Cvelist
Cvelist
added 2026/05/13 9:26 p.m.43 views

CVE-2026-42463 SQLBot: Unauthorized Access Vulnerability

SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. Prior to 1.8.0, SQLBot contains a Cross-Workspace IDOR Insecure Direct Object Reference and Authorization Bypass vulnerability in the /api/v1/datasource/exportDsSchema and /api/v1/datasource/uploadDsSchema...

8.6CVSS0.00249EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.7 views

SUSE SLES15 Security Update : 389-ds (SUSE-SU-2026:1753-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1753-1 advisory. Update to version 2.0.20git89.937b1f291. Security issues fixed: - CVE-2025-14905: heap buffer overflow due to improper size calculation in...

7.2CVSS6AI score0.01038EPSS
Exploits0References4
OSV
OSV
added 2026/05/07 1:54 p.m.5 views

SUSE-SU-2026:1753-1 Security update for 389-ds

This update for 389-ds fixes the following issues: Update to version 2.0.20git89.937b1f291. Security issues fixed: - CVE-2025-14905: heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727. Other updates and bugfixes: - Issue 7224 - CI Test - Simplify...

7.2CVSS6AI score0.01038EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:17 a.m.10 views

SUSE CVE-2026-43191

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/26 12:0 a.m.15 views

dynamic-datasource-spring-boot-starter 注入漏洞

dynamic-datasource-spring-boot-starter is a fast integration multi-data-source starter developed by baomidou under the Open Source project. Version 2.5.0 of dynamic-datasource-spring-boot-starter contains an injection vulnerability. This vulnerability stems from improper handling of the...

6.5CVSS6.6AI score0.00237EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/24 12:0 a.m.7 views

TencentOS Server 3: 389-ds:1.4 (TSSA-2026:0243)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0243 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.2CVSS6.2AI score0.01038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0072: 389-ds:1.4 (ALINUX3-SA-2026:0072)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0072 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-14905: A flaw was found in the 389-ds-base...

7.2CVSS6.2AI score0.01038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.3 views

Oracle Linux 7 : 389-ds-base (ELSA-2026-6220)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-6220 advisory. - Security fix for CVE-2025-14905 Orabug: 39146844 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

7.2CVSS5.8AI score0.01038EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/04/15 3:31 p.m.10 views

abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +156 more potentially affected by CVE-2026-25219 via apache-airflow (>=1.8.2 <=3.1.7)

apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.1, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.6.4 and more Source cves: CVE-2026-25219 Source advisory: OSV:GHSA-4G48-54Q2-FG7Q...

6.5CVSS5.7AI score0.00552EPSS
Exploits0
Rows per page
Query Builder