26 matches found

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2008-1666

Malware in sbrugna...

CVSS 9 · AI score 6.4 · EPSS 0.03827
Exploits: 1 · References: 8
EUVD
added 2025/10/07 12:30 a.m. · 8 views

EUVD-2020-7268

Malware in sbrugna...

CVSS 8.8 · AI score 8.6 · EPSS 0.00931
Exploits: 0 · References: 3
EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2022-15356

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 9.2 · EPSS 0.00545
Exploits: 0 · References: 2
RedhatCVE
added 2025/04/14 5:58 p.m. · 16 views

CVE-2023-1656

Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java Remote Connector Server RCS LDAP Connector on Windows, MacOS, Linux allows Remote Services with Stolen Credentials. This issue affects OpenIDM and Java Remote Connector Server RCS: from 1.5.20.9 throug...

CVSS 7.5 · AI score 7 · EPSS 0.00347
Exploits: 0 · References: 1
RedhatCVE
added 2025/02/05 2:51 p.m. · 8 views

CVE-2020-15259

ad-ldap-connector's admin panel before version 5.0.13 does not provide csrf protection, which when exploited may result in remote code execution or confidential data loss. CSRF exploits may occur if the user visits a malicious page containing CSRF payload on the same machine that has access to th...

CVSS 8.8 · AI score 7.5 · EPSS 0.00931
Exploits: 0
NVD
added 2023/03/29 8:15 p.m. · 20 views

CVE-2023-1656

Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java Remote Connector Server RCS LDAP Connector on Windows, MacOS, Linux allows Remote Services with Stolen Credentials. This issue affects OpenIDM and Java Remote Connector Server RCS: from 1.5.20.9 throug...

CVSS 7.5 · AI score 7.6 · EPSS 0.00347
Exploits: 0 · References: 2
OSV
added 2023/03/29 8:15 p.m. · 3 views

CVE-2023-1656

Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java Remote Connector Server RCS LDAP Connector on Windows, MacOS, Linux allows Remote Services with Stolen Credentials. This issue affects OpenIDM and Java Remote Connector Server RCS: from 1.5.20.9 throug...

CVSS 7.5 · AI score 7.2 · EPSS 0.00347
Exploits: 0 · References: 2
Prion
added 2023/03/29 8:15 p.m. · 18 views

Code injection

Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java Remote Connector Server RCS LDAP Connector on Windows, MacOS, Linux allows Remote Services with Stolen Credentials. This issue affects OpenIDM and Java Remote Connector Server RCS: from 1.5.20.9 throug...

CVSS 5 · AI score 7.6 · EPSS 0.00347
Exploits: 0 · References: 2 · Affected Software: 1
Vulnrichment
added 2023/03/29 7:55 p.m. · 10 views

CVE-2023-1656 When the LDAP connector is started with StartTLS configured, LDAP BIND credentials are transmitted insecurely, prior to establishing the TLS connection.

Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java Remote Connector Server RCS LDAP Connector on Windows, MacOS, Linux allows Remote Services with Stolen Credentials. This issue affects OpenIDM and Java Remote Connector Server RCS: from 1.5.20.9 throug...

CVSS 7.5 · AI score 7.6 · EPSS 0.00347
Exploits: 0 · References: 2
Cvelist
added 2023/03/29 7:55 p.m. · 28 views

CVE-2023-1656 When the LDAP connector is started with StartTLS configured, LDAP BIND credentials are transmitted insecurely, prior to establishing the TLS connection.

Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java Remote Connector Server RCS LDAP Connector on Windows, MacOS, Linux allows Remote Services with Stolen Credentials. This issue affects OpenIDM and Java Remote Connector Server RCS: from 1.5.20.9 throug...

CVSS 7.5 · AI score 7.8 · EPSS 0.00347
Exploits: 0 · References: 2
CVE
added 2023/03/29 7:55 p.m. · 73 views

CVE-2023-1656

CVE-2023-1656 affects ForgeRock OpenIDM and the Java Remote Connector Server (RCS) LDAP Connector on Windows, MacOS, and Linux. The root cause is cleartext transmission of LDAP BIND credentials before TLS, leading to potential exposure of credentials for OpenIDM and RCS versions 1.5.20.9–1.5.20.1...

CVSS 7.5 · AI score 7.6 · EPSS 0.00347
Exploits: 0 · References: 2 · Affected Software: 1
Positive Technologies
added 2023/03/27 12:0 a.m. · 6 views

PT-2023-2592 · Forgerock · Openid +1

Name of the Vulnerable Software and Affected Versions: OpenIDM and Java Remote Connector Server RCS versions 1.5.20.9 through 1.5.20.13 Description: The issue is related to the cleartext transmission of sensitive information, which can allow remote services to access protected information with...

CVSS 7.8 · AI score 7.4 · EPSS 0.00347
Exploits: 0 · References: 5
Prion
added 2022/09/19 10:15 p.m. · 15 views

Code injection

When the LDAP connector is started with StartTLS configured, unauthenticated access is granted. This issue affects: all versions of the LDAP connector prior to 1.5.20.9. The LDAP connector is bundled with Identity Management IDM and Remote Connector Server RCS...

CVSS 7.5 · AI score 9.4 · EPSS 0.00545
Exploits: 0 · References: 2 · Affected Software: 1
Vulnrichment
added 2022/09/19 9:15 p.m. · 6 views

CVE-2022-0143 LDAP Connector: When startTLS is used then LDAP connector ignores the wrong password

When the LDAP connector is started with StartTLS configured, unauthenticated access is granted. This issue affects: all versions of the LDAP connector prior to 1.5.20.9. The LDAP connector is bundled with Identity Management IDM and Remote Connector Server RCS...

CVSS 9.3 · AI score 9.6 · EPSS 0.00545
Exploits: 0 · References: 2
Positive Technologies
added 2022/09/19 12:0 a.m. · 5 views

PT-2022-12993 · Unknown · Ldap Connector

Name of the Vulnerable Software and Affected Versions: LDAP connector versions prior to 1.5.20.9 Description: The issue allows unauthenticated access when the LDAP connector is started with StartTLS configured. This problem is related to the LDAP connector, which is bundled with Identity Manageme...

CVSS 9.8 · AI score 9.5 · EPSS 0.00545
Exploits: 0 · References: 5
NVD
added 2020/11/06 8:15 p.m. · 15 views

CVE-2020-15259

ad-ldap-connector's admin panel before version 5.0.13 does not provide csrf protection, which when exploited may result in remote code execution or confidential data loss. CSRF exploits may occur if the user visits a malicious page containing CSRF payload on the same machine that has access to th...

CVSS 8.8 · AI score 8.3 · EPSS 0.00931
Exploits: 0 · References: 2
OSV
added 2020/11/06 8:15 p.m. · 11 views

CVE-2020-15259

ad-ldap-connector's admin panel before version 5.0.13 does not provide csrf protection, which when exploited may result in remote code execution or confidential data loss. CSRF exploits may occur if the user visits a malicious page containing CSRF payload on the same machine that has access to th...

CVSS 8.8 · AI score 7.6
Exploits: 0 · References: 2
Prion
added 2020/11/06 8:15 p.m. · 9 views

Cross site request forgery (csrf)

ad-ldap-connector's admin panel before version 5.0.13 does not provide csrf protection, which when exploited may result in remote code execution or confidential data loss. CSRF exploits may occur if the user visits a malicious page containing CSRF payload on the same machine that has access to th...

CVSS 6.8 · AI score 8.7 · EPSS 0.00931
Exploits: 0 · References: 2 · Affected Software: 1
CVE
added 2020/11/06 7:35 p.m. · 54 views

CVE-2020-15259

The CVE-2020-15259 issue affects the ad-ldap-connector admin panel prior to version 5.0.13. The root cause is missing CSRF protection, which could allow CSRF payloads loaded from a malicious page on the same machine to interact with the admin console, potentially causing remote code execution or ...

CVSS 8.8 · AI score 8.6 · EPSS 0.00931
Exploits: 0 · References: 2 · Affected Software: 1
Cvelist
added 2020/11/06 7:35 p.m. · 17 views

CVE-2020-15259 CSRF in Auth0 ad-ldap-connector

ad-ldap-connector's admin panel before version 5.0.13 does not provide csrf protection, which when exploited may result in remote code execution or confidential data loss. CSRF exploits may occur if the user visits a malicious page containing CSRF payload on the same machine that has access to th...

CVSS 8.1 · AI score 8.8 · EPSS 0.00931
Exploits: 0 · References: 2