Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-7418

Malware in sbrugna...

9.8CVSS9.5AI score0.04705EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-7422

Malware in sbrugna...

8.1CVSS8.2AI score0.02279EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2020/06/05 2:54 p.m.21 views

CVE-2016-6497

A flaw was found in Groovy LDAP. The API in Apache allows attackers to conduct LDAP entry poisoning attacks by leveraging the returnObjFlag setting. The highest threat from this vulnerability is to data integrity...

7.5CVSS4.3AI score0.05729EPSS
Exploits0References1
Prion
Prion
added 2017/02/03 7:59 p.m.15 views

Code injection

Unspecified methods in the RACF Connector component before 1.1.1.0 in ForgeRock OpenIDM and OpenICF improperly call the SearchControls constructor with returnObjFlag set to true, which allows remote attackers to execute arbitrary code via a crafted serialized Java object, aka LDAP entry poisoning...

6.8CVSS8.2AI score0.02279EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/02/03 7:59 p.m.20 views

CVE-2016-6500

Unspecified methods in the RACF Connector component before 1.1.1.0 in ForgeRock OpenIDM and OpenICF improperly call the SearchControls constructor with returnObjFlag set to true, which allows remote attackers to execute arbitrary code via a crafted serialized Java object, aka LDAP entry poisoning...

8.1CVSS8.3AI score0.02279EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/02/03 7:0 p.m.23 views

CVE-2016-6500

Unspecified methods in the RACF Connector component before 1.1.1.0 in ForgeRock OpenIDM and OpenICF improperly call the SearchControls constructor with returnObjFlag set to true, which allows remote attackers to execute arbitrary code via a crafted serialized Java object, aka LDAP entry poisoning...

8.3AI score0.02279EPSS
Exploits0References1
NVD
NVD
added 2017/01/18 10:59 p.m.21 views

CVE-2016-6497

main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP API in Apache allows attackers to conduct LDAP entry poisoning attacks by leveraging setting returnObjFlag to true for all search methods...

7.5CVSS7.5AI score0.05729EPSS
Exploits0References5
Cvelist
Cvelist
added 2017/01/18 10:0 p.m.24 views

CVE-2016-6497

main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP API in Apache allows attackers to conduct LDAP entry poisoning attacks by leveraging setting returnObjFlag to true for all search methods...

7.7AI score0.05729EPSS
Exploits0References5
NVD
NVD
added 2016/12/09 10:59 p.m.15 views

CVE-2016-6501

JFrog Artifactory before 4.11 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning...

9.8CVSS9.7AI score0.03849EPSS
Exploits0References3
Prion
Prion
added 2016/12/09 10:59 p.m.19 views

Design/Logic Flaw

The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning...

7.5CVSS8.2AI score0.04705EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2016/12/09 10:59 p.m.13 views

Code injection

JFrog Artifactory before 4.11 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning...

7.5CVSS8.2AI score0.03849EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/12/09 10:0 p.m.26 views

CVE-2016-6496

The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning...

9.7AI score0.04705EPSS
Exploits0References5
Cvelist
Cvelist
added 2016/12/09 10:0 p.m.28 views

CVE-2016-6501

JFrog Artifactory before 4.11 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning...

9.8AI score0.03849EPSS
Exploits0References3
CVE
CVE
added 2016/12/09 10:0 p.m.61 views

CVE-2016-6496

CVE-2016-6496 affects Atlassian Crowd LDAP entry handling. The LDAP directory connector is vulnerable to LDAP Java object injection: an attacker can cause remote code execution by sending a crafted serialized Java object in an LDAP attribute. Affected versions are all Crowd 1.4.1 to 2.8.7 (and 2....

9.8CVSS9.6AI score0.04705EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder