24 matches found
EUVD-2016-3226
Malware in sbrugna...
EUVD-2016-7423
Malware in sbrugna...
EUVD-2021-29727
Malicious code in bioql PyPI...
SUSE CVE-2025-59149
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attributetype which is long with transforms can lead to a stack buffer overflow during Suricata startup or duri...
CVE-2025-59149
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attributetype which is long with transforms can lead to a stack buffer overflow during Suricata startup or duri...
UBUNTU-CVE-2025-59149
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attributetype which is long with transforms can lead to a stack buffer overflow during Suricata startup or duri...
CVE-2025-59149
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attributetype which is long with transforms can lead to a stack buffer overflow during Suricata startup or duri...
CVE-2025-59149 Suricata: Stack buffer overflow in rule parser when processing long keywords with transforms
Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attributetype which is long with transforms can lead to a stack buffer overflow during Suricata startup or duri...
CVE-2021-42770
A Cross-site scripting XSS vulnerability was discovered in OPNsense before 21.7.4 via the LDAP attribute return in the authentication tester...
SUSE CVE-2020-1746
A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldapattr and ldapentry community modules are used. The issue...
DSInternals Credential Roaming Elevation of Privilege Vulnerability
Impact A vulnerability exists in the DSInternals.Common.Data.RoamedCredential.Save method, which incorrectly parses the msPKIAccountCredentials LDAP attribute values. As a consequence, a malicious actor would be able to modify the file system of the computer where an application using this functi...
Role Base Constrained Delegation
This module can read and write the necessary LDAP attributes to configure a particular object for Role Based Constrained Delegation RBCD. When writing, the module will add an access control entry to allow the account specified in DELEGATEFROM to the object specified in DELEGATETO. In order for th...
PT-2022-5620 · Microsoft · Windows Server +1
Name of the Vulnerable Software and Affected Versions: Windows Credential Roaming Service versions prior to 4.8 microsoft windows server 2008 r2, - microsoft windows server 2012 r2, - microsoft windows 10 1607, 1809, 21h1, -, 21h2, 20h2 microsoft windows 8.1 - microsoft windows server 2016 -...
CVE-2020-1958
When LDAP authentication is enabled in Apache Druid 0.17.0, callers of Druid APIs with a valid set of LDAP credentials can bypass the credentialsValidator.userSearch filter barrier that determines if a valid LDAP user is allowed to authenticate with Druid. They are still subject to role-based...
Exploit for Injection in Apache Archiva
CVE-2020-9495 PoC CVE-2020-9495 is medium severity LDAP injec...
PYSEC-2020-13
A flaw was found in the Ansible Engine affecting Ansible Engine versions 2.7.x before 2.7.17 and 2.8.x before 2.8.11 and 2.9.x before 2.9.7 as well as Ansible Tower before and including versions 3.4.5 and 3.5.5 and 3.6.3 when the ldapattr and ldapentry community modules are used. The issue...
ansible: Information disclosure issue in ldap_attr and ldap_entry modules
A flaw was found in the Ansible Engine when the ldapattr and ldapentry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bindpw in the parameters field. The highest threat from this vulnerability is data...
ansible: Information disclosure issue in ldap_attr and ldap_entry modules
A flaw was found in the Ansible Engine when the ldapattr and ldapentry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bindpw in the parameters field. The highest threat from this vulnerability is data...
ansible: Information disclosure issue in ldap_attr and ldap_entry modules
A flaw was found in the Ansible Engine when the ldapattr and ldapentry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bindpw in the parameters field. The highest threat from this vulnerability is data...
CVE-2016-6496
The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning...