📄 WebADM 2.4.17-1 Password Hash Disclosure

WebADM version 2.4.17-1 contains an authenticated information disclosure vulnerability in the LDAP search functionality. The display parameter in search.php accepts any LDAP attribute without server-side validation. A low-privileged admin can retrieve SSHA password hashes for all LDAP users...

Amazon Linux 2 : ansible (ALASANSIBLE2-2023-008)

The version of ansible installed on the remote host is prior to 2.9.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ANSIBLE2-2023-008 advisory. A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6...

SUSE CVE-2018-10919

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are...