PT-2026-47313

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description A Use After Free issue exists in Apache HTTP Server when using mod ldap in per-directory configuration. Use After Free occurs when an application continues to use a pointer after it...

EUVD-2016-0728

Malware in sbrugna...

EUVD-2002-2244

Malware in sbrugna...

EUVD-2009-1643

Malware in sbrugna...

PT-2024-8764 · M Files · M-Files Server

Name of the Vulnerable Software and Affected Versions: M-Files Server versions prior to 24.11 Description: The issue is related to weaknesses in the authentication procedure of the M-Files Server platform, which can be exploited by a remote attacker to bypass authentication and elevate privileges...

K5716: Authentication bypass in PAM LDAP module - CAN-2005-2641

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

SUSE CVE-2012-3499

Multiple cross-site scripting XSS vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the 1 modimagemap, 2 modinfo, 3 modldap, 4 modproxyftp, and 5...

The vulnerability of the Java framework’s LDAP module for securing Spring-based industrial applications allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the LDAP module of the Java framework for securing Spring-based industrial applications is related to authentication errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

httpd: Out of bounds write in mod_authnz_ldap when using too small Accept-Language values

In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, modauthnzldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. If the header value is not present in the charset...

PHP < 5.6.36, 7.x < 7.0.30, 7.1.x < 7.1.17, 7.2.x < 7.2.5 Multiple Vulnerabilities (May 2018) - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

Solaris 10 (x86) : 150546-02

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: PAM LDAP module. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris...

CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module...

CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module...

CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module...

CVE-2016-0693

Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the PAM LDAP module...

CVE-2016-0693

CVE-2016-0693 affects Oracle Solaris 10 and 11.3, specifically the PAM LDAP module within the Solaris component. The Nessus/NASL entries indicate the vulnerability is exploitable remotely over the network by an unauthenticated attacker via multiple protocols, with impact to confidentiality, integ...

DEBIAN-CVE-2016-3119

The processdbargs function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 through 1.13.4 and 1.14.x through 1.14.1 mishandles the DB argument, which allows remote authenticated users to cause a denial of service NULL pointer dereferenc...

Updated krb5 packages fix security vulnerability

It was reported that in all versions of MIT krb5, an authenticated attacker with permission to modify a principal entry can cause kadmind to dereference a null pointer by supplying an empty DB argument to the modifyprincipal command, if kadmind is configured to use the LDAP KDB module...

Solaris 10 (x86) : 150546-02 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: PAM LDAP module. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris...

Solaris 10 (sparc) : 150545-02 (deprecated)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: PAM LDAP module. Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Solaris...