Lucene search
K

47 matches found

NVD
NVD
added 7 hours ago6 views

CVE-2026-4256

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in PEAKUP Technology Inc. PassGate allows LDAP Injection. This issue affects PassGate: through 30042026...

8.2CVSS
Exploits0References1
EUVD
EUVD
added 8 hours ago5 views

EUVD-2026-42586

Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in PEAKUP Technology Inc. PassGate allows LDAP Injection. This issue affects PassGate: through 30042026...

8.2CVSS5.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/25 10:59 a.m.5 views

CVE-2026-33609

A flaw was found in PowerDNS. When running with 8bit-dns enabled, incomplete escaping of Lightweight Directory Access Protocol LDAP queries allows authenticated users to perform queries of internal domain subtrees. This vulnerability can lead to information disclosure, potentially exposing...

6.5CVSS5.2AI score0.00242EPSS
Exploits0References2
NVD
NVD
added 2026/04/17 2:16 p.m.4 views

CVE-2026-40459

PAC4J is vulnerable to LDAP Injection in multiple methods. A low-privileged remote attacker can inject crafted LDAP syntax into ID-based search parameters, potentially resulting in unauthorized LDAP queries and arbitrary directory operations. This issue was fixed in PAC4J versions 4.5.10, 5.7.10...

8.8CVSS0.00608EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.10 views

Bouncy Castle Java 安全漏洞

Bouncy Castle Java is an open-source encryption algorithm developed by Legion of the Bouncy Castle Inc. Versions of Bouncy Castle Java prior to 1.84 contained security vulnerabilities, which were caused by improper handling of special elements in LDAP queries. These vulnerabilities could lead to...

6.9CVSS5.8AI score0.00527EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.14 views

EUVD-2006-6537

Malware in sbrugna...

5CVSS6.4AI score0.0144EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-5995

Malware in sbrugna...

5.3CVSS5.9AI score0.01199EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-26962

Malware in sbrugna...

6.5CVSS6.5AI score0.01731EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-29542

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00546EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:48 p.m.6 views

CVE-2021-33668

Due to improper input sanitization, specially crafted LDAP queries can be injected by an unauthenticated user. This could partially impact the confidentiality of the application...

7.5CVSS6.9AI score0.01071EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/11/15 12:0 a.m.23 views

Adobe RoboHelp Server resolveDistinguishedName LDAP Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe RoboHelp Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the resolveDistinguishedName method. The issue results from the lack of...

7.5CVSS6.3AI score0.01392EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2023/10/10 7:0 a.m.48 views

October 10, 2023—KB5031411 (Security-only update)

October 10, 2023—KB5031411 Security-only update REMINDER Windows Server 2008 SP2 Extended Security Updates third and final year of ESU ended on January 10, 2023. Many customers are taking advantage of Azures commitment to security and compliance and have moved to Azure to protect their Windows...

9.8CVSS7.7AI score0.20719EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/30 12:0 a.m.21 views

ForgeRock Access Management 6.0.0.x / 6.5.0.x / 6.5.2.x / 6.5.3 / 6.5.4 / 7.0.x / 7.1 / 7.1.1 Multiple Vulnerabilities

The version of ForgeRock Access Management detected on the remote host is affected by multiple vulnerabilities, including the following: - It may be possible to gain some details of the deployment through a well-crafted attack. This may allow that data to be used to probe internal network service...

7.1CVSS6.1AI score0.00546EPSS
Exploits0References3
NVD
NVD
added 2022/10/27 5:15 p.m.31 views

CVE-2022-24670

An attacker can use the unrestricted LDAP queries to determine configuration entries...

7.1CVSS0.00546EPSS
Exploits0References2
Prion
Prion
added 2022/10/27 5:15 p.m.14 views

Design/Logic Flaw

An attacker can use the unrestricted LDAP queries to determine configuration entries...

4CVSS6.4AI score0.00546EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/10/27 4:53 p.m.28 views

CVE-2022-24670 Any user can run unrestricted LDAP queries against a configuration endpoint

An attacker can use the unrestricted LDAP queries to determine configuration entries...

7.1CVSS7.1AI score0.00546EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/10/27 4:53 p.m.12 views

CVE-2022-24670 Any user can run unrestricted LDAP queries against a configuration endpoint

An attacker can use the unrestricted LDAP queries to determine configuration entries...

7.1CVSS6.8AI score0.00546EPSS
Exploits0References2
Kitploit
Kitploit
added 2022/09/02 12:30 p.m.28 views

Aced - Tool to parse and resolve a single targeted Active Directory principal's DACL

Aced is a tool to parse and resolve a single targeted Active Directory principal's DACL. Aced will identify interesting inbound access allowed privileges against the targeted account, resolve the SIDS of the inbound permissions, and present that data to the operator. Additionally, the logging...

8AI score
Exploits0References3
OSV
OSV
added 2022/05/17 11:47 a.m.7 views

USN-5424-1 openldap vulnerability

It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database...

9.8CVSS5.9AI score0.69899EPSS
Exploits1References2
Kitploit
Kitploit
added 2022/04/19 12:30 p.m.45 views

ADReaper - A Fast Enumeration Tool For Windows Active Directory Pentesting Written In Go

ADReaper is a tool written in Golang which enumerate a Active Directory environment with LDAP queries within few seconds. Installation You can download precompiled executable binaries for Windows/Linux from latest releases Install from source To build from source, clone the repo and build it with...

7.7AI score
Exploits0References2
Rows per page
Query Builder