25 matches found
EUVD-2006-0460
Malware in sbrugna...
EUVD-2006-0458
Malware in sbrugna...
EUVD-2022-2111
Malicious code in bioql PyPI...
CVE-2018-2588
It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class...
Information Disclosure
Oracle Java SE is vulnerable to information disclosure . This is because the LDAP component of OpenJDK fails to properly encode special characters in user names when adding them to an LDAP search query. Remote attackers could possibly use this flaw to manipulate LDAP queries performed by the...
Sensiolabs Symfony 2.8.x < 2.8.37, 3.3.x < 3.3.17, 3.4.x < 3.4.7 and 4.0.x < 4.0.7 Authentication Bypass Vulnerability
This host runs Symfony and is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Symfony Authentication Bypass Vulnerability
Sensio Labs Symfony is a French company Sensio Labs set of free , MVC-based PHP development framework , which provides commonly used functional components and tools , can be used to quickly create complex WEB programs . Ldap component is a lightweight directory access protocol component . A...
DEBIAN-CVE-2018-11407
An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a "null" password and valid username, which triggers an unauthenticated bind. NOTE:...
UBUNTU-CVE-2018-11407
An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a "null" password and valid username, which triggers an unauthenticated bind. NOTE:...
CVE-2018-11407
An issue was discovered in the Ldap component in Symfony 2.8.x before 2.8.37, 3.3.x before 3.3.17, 3.4.x before 3.4.7, and 4.0.x before 4.0.7. It allows remote attackers to bypass authentication by logging in with a "null" password and valid username, which triggers an unauthenticated bind. NOTE:...
CVE-2018-11407
CVE-2018-11407 affects Symfony’s LDAP authentication path. The issue allows remote attackers to bypass authentication by logging in with a null password and a valid username, triggering an unauthenticated bind. It impacts Symfony versions: 2.8.x before 2.8.37; 3.3.x before 3.3.17; 3.4.x before 3....
CentOS Update for java CESA-2018:0349 centos7
Check the version of java SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882845";...
java security update
CentOS Errata and Security Advisory CESA-2018:0349 An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS...
MGASA-2018-0104 Updated java-1.8.0-openjdk packages fix security vulnerability
Multiple flaws were found in the Hotspot and AWT components of OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions CVE-2018-2582, CVE-2018-2641. It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to...
OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)
It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class...
security flaw
The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service crash via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite...
CVE-2006-0453
The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service crash via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite...
Code injection
Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service memory consumption via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the berscanf call, as demonstrate...
Lotus Domino Server < 7.0.1 LDAP Component Unspecified DoS
Binary data 3416.prm...
CVE-2006-0566
The LDAP component in CommuniGate Pro Core Server 5.0.7 allows remote attackers to cause a denial of service application crash via LDAP messages that contain Distinguished Names DN fields with a large number of elements...