9 matches found
OPENSUSE-SU-2026:20554-1 Security update for dovecot24
This update for dovecot24 fixes the following issues: - Update to v2.4.3 - CVE-2025-59028: Invalid base64 authentication can cause DoS for other logins bsc1260894. - CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing bsc1260895. -...
CVE-2022-22975
An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name CN of their user entry on the LDAP or AD server to include special characters, which could be used ...
CVE-2022-22975
An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name CN of their user entry on the LDAP or AD server to include special characters, which could be used ...
CVE-2022-22975
An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name CN of their user entry on the LDAP or AD server to include special characters, which could be used ...
Design/Logic Flaw
An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name CN of their user entry on the LDAP or AD server to include special characters, which could be used ...
CVE-2022-22975
An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name CN of their user entry on the LDAP or AD server to include special characters, which could be used ...
CVE-2022-22975
CVE-2022-22975 affects VMware Pinniped Pinniped Supervisor components that handle LDAPIdentityProvider or ActiveDirectoryIdentityProvider. The root cause is unvalidated LDAP/AD query construction when a malicious user alters the CN to contain special characters, enabling LDAP query injection in t...
PT-2022-3916 · Unknown · Pinniped Supervisor
Name of the Vulnerable Software and Affected Versions: Pinniped Supervisor affected versions not specified Description: An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. The issue allows an attack where a malicious us...
CVE-2021-33668
Due to improper input sanitization, specially crafted LDAP queries can be injected by an unauthenticated user. This could partially impact the confidentiality of the application...