CVE-2022-23236

E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND password in plaintext within a file accessible only to privileged users...

CVE-1999-0385

The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands...

SUSE CVE-2025-13357

Vault's Terraform Provider incorrectly set the default denynullbind parameter for the LDAP auth method to false by default, potentially resulting in an insecure configuration. If the underlying LDAP server allowed anonymous or unauthenticated binds, this could result in authentication bypass. Thi...

EUVD-2014-8565

Malware in sbrugna...

EUVD-2012-6443

Malware in sbrugna...

EUVD-1999-0385

Malware in sbrugna...

EUVD-2014-3930

Malware in sbrugna...

EUVD-2008-7241

Malware in sbrugna...

EUVD-2013-5412

Malware in sbrugna...

EUVD-2017-17859

Malware in sbrugna...

EUVD-2024-33682

Malicious code in bioql PyPI...

EUVD-2022-28323

Malicious code in bioql PyPI...

EUVD-2023-37421

Malicious code in bioql PyPI...

CVE-2025-27231

CVE-2025-27231 involves leakage of the LDAP Bind password in Zabbix deployments. According to connected advisories, the issue allows a Super Admin to exfiltrate the Bind password by altering the LDAP Host to a rogue server, even though the password cannot be read after saving under normal conditi...

CVE-2025-20370 Denial of Service (DoS) through Multiple LDAP Bind Requests in Splunk Enterprise

In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a user who holds a role that contains the high-privilege capability changeauthentication, could send multiple LDAP bind requests to a specific...

CVE-2024-11193

An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password is logged in plaintext within application logs. This flaw results in the unintentional exposure of sensitive information in Yugabyte Anywhere logs, potentially allowing unauthorized users with access...

CVE-2023-33254

There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146. The captured credentials may provide a higher privilege level on the Active Directory domain. To exploit this, an authenticated attacker edits the user-authentication settings to specify an...

CVE-2022-25805

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. The transmission of cleartext LDAP bind credentials by the cmdmgtloadmgttree command allows an attacker who can intercept or inspect traffic between an authenticated UMS client and server to compromise those LDAP bind...

CVE-2013-3278

EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage of the LDAP/AD bind password, which allows local users to obtain sensitive information by reading the management-server configuration file...

CVE-2008-7288

IBM Tivoli Directory Server TDS 5.2 before 5.2.0.5-TIV-ITDS-LA0007 on AIX allows remote attackers to cause a denial of service server destabilization via an anonymous DIGEST-MD5 LDAP Bind operation...