Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-42751

Malicious code in bioql PyPI...

7.9CVSS7.6AI score0.00348EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/04/16 12:47 a.m.29 views

CVE-2023-38994

The 'checkuniventionjoinstatus' prometheus monitoring script and other scripts in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By default, the configuratio...

7.9CVSS7.2AI score0.00348EPSS
Exploits1References6
NVD
NVD
added 2023/10/31 12:15 p.m.24 views

CVE-2023-38994

The 'checkuniventionjoinstatus' prometheus monitoring script and other scripts in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By default, the configuratio...

7.9CVSS8AI score0.00348EPSS
Exploits1References4
CVE
CVE
added 2023/10/31 12:0 a.m.60 views

CVE-2023-38994

CVE-2023-38994 affects Univention Corporate Server (UCS) 5.0-5. The issue stems from the check_univention_joinstatus Prometheus script (and similar scripts), which exposes the LDAP password of the machine account in the process list. This enables attackers with local SSH access to elevate privile...

7.9CVSS7.8AI score0.00348EPSS
Exploits1References4Affected Software1
Veracode
Veracode
added 2020/12/06 4:44 a.m.15 views

Insufficient Information

chromium is vulnerable to insufficient Information.The vulnerability exists due to LDAP password credential are stored in plaintext. which allows to remote attacker to bypass navigation restrictions via a crafted HTML page...

4.3CVSS6.7AI score0.01145EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder