9 matches found
Credential Leakage
org.keycloak, keycloak-core is vulnerable to Credential Leakage. The vulnerability is due to a lack of proper validation and enforcement when administrators change the LDAP Connection URL without requiring re-entry of the currently configured LDAP bind credentials. The vulnerability allows an...
CVE-2019-15300
A problem was found in Centreon Web through 19.04.3. An authenticated SQL injection is present in the page include/Administration/parameters/ldap/xml/ldaphost.php. The arId parameter is not properly filtered before being passed to the SQL query...
Sql injection
A problem was found in Centreon Web through 19.04.3. An authenticated SQL injection is present in the page include/Administration/parameters/ldap/xml/ldaphost.php. The arId parameter is not properly filtered before being passed to the SQL query...
Security update for openldap2 (important)
This update fixes the following security issues: - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...
SUSE-SU-2016:0224-1 Security update for openldap2
This update fixes the following security issues: - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...
Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities
Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/54773/info Barracuda Email Security Service is prone to multiple HTML-injection vulnerabilities because it fails to properly validate user-supplied input. An attacker may leverage...
Barracuda EMail Security 2.0.2 Filter Bypass / XSS
Title: ====== Barracuda EMail Security 2.0.2 - Multiple Web Vulnerabilities Date: ===== 2012-08-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=621 http://www.vulnerability-lab.com/getcontent.php?id=630 Barracuda Networks Security ID: BNSEC-304 VL-ID: ===== 621 Commo...
Barracuda Email Security Service - Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/54773/info Barracuda Email Security Service is prone to multiple HTML-injection vulnerabilities because it fails to properly validate user-supplied input. An attacker may leverage these issues to inject hostile HTML and script code that would run in the...
Barracuda EMail Security 2.0.2 - Multiple Web Vulnerabilities
Document Title: =============== Barracuda EMail Security 2.0.2 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=621 http://www.vulnerability-lab.com/getcontent.php?id=563 Barracuda Networks Security ID: BNSEC-304 Release Dat...