32 matches found
Security Bulletin: Multiple vulnerabilities in IBM Tivoli Network Manager IP Edition
Summary Multiple vulnerabilities were addressed in IBM Tivoli Network Manager IP Edition 4.2.0.24 IFix 1 Vulnerability Details CVEID:CVE-2025-11143 DESCRIPTION: The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of...
Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.3.SP1)
An update for Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available RHBQ 3.27.3.SP1. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...
CVE-2021-41232
Thunderdome is an open source agile planning poker tool in the theme of Battling for points. In affected versions there is an LDAP injection vulnerability which affects instances with LDAP authentication enabled. The provided username is not properly escaped. This issue has been patched in versio...
EUVD-2021-2275
Malware in sbrugna...
EUVD-2019-13904
Malware in sbrugna...
EUVD-2019-7129
Malware in sbrugna...
EUVD-2021-24409
Malware in sbrugna...
EUVD-2020-0603
Malware in sbrugna...
EUVD-2025-14836
Malicious code in bioql PyPI...
EUVD-2024-31573
Malicious code in bioql PyPI...
EUVD-2023-46075
Malicious code in bioql PyPI...
EUVD-2023-1598
Malicious code in bioql PyPI...
EUVD-2025-10030
Malicious code in bioql PyPI...
EUVD-2023-12528
Malicious code in bioql PyPI...
CVE-2025-52575
CVE-2025-52575 maps to EspoCRM 9.1.6 and earlier, which are vulnerable to blind LDAP injection when LDAP authentication is enabled. An unauthenticated remote attacker can manipulate LDAP queries by injecting crafted inputs (e.g., wildcard characters) to bypass authentication, enumerate usernames,...
CVE-2025-52575 EspoCRM vulnerable to LDAP Injection through Improper Neutralization of Special Elements
EspoCRM is an Open Source CRM Customer Relationship Management software. EspoCRM versions 9.1.6 and earlier are vulnerable to blind LDAP Injection when LDAP authentication is enabled. A remote, unauthenticated attacker can manipulate LDAP queries by injecting crafted input containing wildcard...
LDAP Injection
Mattermost is vulnerable to LDAP Injection. The vulnerability is due to improper validation due to failure to sanitize LDAP group ID attributes in the /api/v4/ldap/groups/remoteid/link API when objectGUID is used as the Group ID Attribute...
CVE-2024-54852
When LDAP connection is activated in Teedy versions between 1.9 to 1.12, the username field of the login form is vulnerable to LDAP injection. Due to improper sanitization of user input, an unauthenticated attacker is then able to perform various malicious actions, such as creating arbitrary...
CVE-2024-37782
An LDAP injection vulnerability in the login page of Gladinet CentreStack v13.12.9934.54690 allows attackers to access sensitive data or execute arbitrary commands via a crafted payload injected into the username field...
CVE-2022-45801
Apache StreamPark 1.0.0 to 2.0.0 have a LDAP injection vulnerability. LDAP Injection is an attack used to exploit web based applications that construct LDAP statements based on user input. When an application fails to properly sanitize user input, it's possible to modify LDAP statements through...