EUVD-2009-1643

Malware in sbrugna...

EUVD-2002-2244

Malware in sbrugna...

EUVD-2016-0728

Malware in sbrugna...

PT-2024-8764 · M Files · M-Files Server

Name of the Vulnerable Software and Affected Versions: M-Files Server versions prior to 24.11 Description: The issue is related to weaknesses in the authentication procedure of the M-Files Server platform, which can be exploited by a remote attacker to bypass authentication and elevate privileges...

K5716: Authentication bypass in PAM LDAP module - CAN-2005-2641

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

SUSE CVE-2012-3499

Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modldap, 4 modproxyftp, and 5...

httpd: Out of bounds write in mod_authnz_ldap when using too small Accept-Language values

In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset...

PHP < 5.6.36, 7.x < 7.0.30, 7.1.x < 7.1.17, 7.2.x < 7.2.5 Multiple Vulnerabilities (May 2018) - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

Solaris 10 (x86) : 150546-02

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: PAM LDAP module. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris...

CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module...

CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module...

CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module...

CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module...

CVE-2016-0693

CVE-2016-0693 affects Oracle Solaris 10 and 11.3, specifically the PAM LDAP module within the Solaris component. The Nessus/NASL entries indicate the vulnerability is exploitable remotely over the network by an unauthenticated attacker via multiple protocols, with impact to confidentiality, integ...

DEBIAN-CVE-2016-3119

The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...

Updated krb5 packages fix security vulnerability

It was reported that in all versions of MIT krb5, an authenticated attacker with permission to modify a principal entry can cause kadmind to dereference a null pointer by supplying an empty DB argument to the modifyprincipal command, if kadmind is configured to use the LDAP KDB module...

Solaris 10 (sparc) : 150545-02 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: PAM LDAP module. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris...

Solaris 10 (x86) : 150546-02 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: PAM LDAP module. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris...

Dahan version of JCMS2.4 LDAP module file upload vulnerability

Dahan Edition JCMS is a popular content management system in China. A file upload vulnerability exists in Dahan Editon JCMS 2.4 LDAP module, data recovery function. The file /ldap/update/update.jsp does not have any restriction on the uploaded file types and contents. Allows an attacker to exploi...

httpd: multiple XSS flaws due to unescaped hostnames

Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modldap, 4 modproxyftp, and 5...