110 matches found

AstraLinux
added 2026/05/03 11:59 p.m., 6 views

Astra Linux – Vulnerability in OpenLDAP

In OpenLDAP 2.x versions before 2.5.12 and 2.6.x versions before 2.6.2, there is a SQL injection vulnerability in the experimental slapd backend, caused by a SQL statement within an LDAP query. This vulnerability can occur during an LDAP search operation, when the search filter is processed, due ...

CVSS 9.8, AI score 8.4, EPSS 0.69899
Exploits 1, References 2

OSV
added 2026/04/21 12:4 a.m., 3 views

JLSEC-2026-174

In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...

CVSS 9.8, AI score 7.2, EPSS 0.69899
Exploits 1, References 8

Cvelist
added 2026/03/19 11:9 p.m., 17 views

CVE-2026-33289 SuiteCRM has LDAP Filter Injection in Authentication Module

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, an LDAP Injection vulnerability exists in the SuiteCRM authentication flow. The application fails to properly sanitize user-supplied input before embedding i...

CVSS 8.8, EPSS 0.00662
Exploits 0, References 2

ATTACKERKB
added 2026/02/07 9:56 p.m., 4 views

CVE-2026-25560

WeKan versions prior to 8.19 contain an LDAP filter injection vulnerability in LDAP authentication. User-supplied username input is incorporated into LDAP search filters and DN-related values without adequate escaping, allowing an attacker to manipulate LDAP queries during authentication...

CVSS 8.7, AI score 5.4, EPSS 0.00654
Exploits 0, References 4

Tenable Nessus
added 2025/11/13 12:0 a.m., 2 views

Siemens SIMATIC S7-1500 Improper Neutralization of Special Elements used in an SQL Command (CVE-2022-29155)

In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...

CVSS 9.8, AI score 7.1, EPSS 0.69899
Exploits 1, References 4

Tenable Nessus
added 2025/11/07 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-29155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement...

CVSS 9.8, AI score 8.1, EPSS 0.69899
Exploits 1, References 2

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2018-11707

Malware in sbrugna...

CVSS 7.5, AI score 7.8, EPSS 0.04817
Exploits 0, References 11

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-6594

Malware in sbrugna...

CVSS 7.5, AI score 7.5, EPSS 0.04093
Exploits 0, References 11

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2009-3833

Malware in sbrugna...

CVSS 5, AI score 6.3, EPSS 0.02311
Exploits 0, References 5

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2010-0735

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.02194
Exploits 0, References 5

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-1284

Malicious code in bioql PyPI...

CVSS 6.5, AI score 6.5, EPSS 0.01784
Exploits 0, References 6

OSV
added 2025/06/11 5:45 p.m., 4 views

GO-2025-3756 Mattermost allows authenticated administrator to execute LDAP search filter injection in github.com/mattermost/mattermost-server

Mattermost allows authenticated administrator to execute LDAP search filter injection in github.com/mattermost/mattermost-server...

CVSS 4.1, AI score 7.4, EPSS 0.00236
Exploits 0, References 8

OSV
added 2025/06/11 12:30 p.m., 2 views

GHSA-4R67-4X4P-FPRG Mattermost allows authenticated administrator to execute LDAP search filter injection

Mattermost versions 10.7.x <= 10.7.1, 10.6.x <= 10.6.3, 10.5.x <= 10.5.4, 9.11.x <= 9.11.13 fail to properly validate LDAP group ID attributes, allowing an authenticated administrator with PermissionSysconsoleWriteUserManagementGroups permission to execute LDAP search filter injection via the PUT...

CVSS 4.1, AI score 7.4, EPSS 0.00236
Exploits 0, References 8

Github Security Blog
added 2025/06/11 12:30 p.m., 23 views

Mattermost allows authenticated administrator to execute LDAP search filter injection

Mattermost versions 10.7.x <= 10.7.1, 10.6.x <= 10.6.3, 10.5.x <= 10.5.4, 9.11.x <= 9.11.13 fail to properly validate LDAP group ID attributes, allowing an authenticated administrator with PermissionSysconsoleWriteUserManagementGroups permission to execute LDAP search filter injection via the PUT...

CVSS 4.1, AI score 7.4, EPSS 0.00236
Exploits 0, References 8, Affected Software 2

RedhatCVE
added 2025/02/14 11:12 a.m., 6 views

CVE-2024-31867

Improper Input Validation vulnerability in Apache Zeppelin. The attackers can execute malicious queries by setting improper configuration properties to LDAP search filter. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes...

CVSS 6.5, AI score 6.8, EPSS 0.01784
Exploits 0, References 1

CNNVD
added 2024/10/30 12:0 a.m., 2 views

DrayTek Vigor 3900 Security Vulnerability

The DrayTek Vigor 3900 is a high performance router for enterprise networks from DrayTek. A security vulnerability exists in the DrayTek Vigor 3900 version 1.5.1.3 that originates from the ability to inject commands into mainfunction.cgi and execute arbitrary code in the ldapsearchdn function...

CVSS 8.8, AI score 7.7, EPSS 0.00597
Exploits 0, References 1

Github Security Blog
added 2024/04/09 6:30 p.m., 23 views

Apache Zeppelin: LDAP search filter query Injection Vulnerability

Improper Input Validation vulnerability in Apache Zeppelin. The attackers can execute malicious queries by setting improper configuration properties to LDAP search filter. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes...

CVSS 6.5, AI score 7, EPSS 0.01784
Exploits 0, References 6, Affected Software 1

OSV
added 2024/04/09 5:16 p.m., 4 views

CVE-2024-31867

Improper Input Validation vulnerability in Apache Zeppelin. The attackers can execute malicious queries by setting improper configuration properties to LDAP search filter. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes...

CVSS 6.5, AI score 7.3
Exploits 0, References 3

CVE
added 2024/04/09 4:15 p.m., 63 views

CVE-2024-31867

CVE-2024-31867 – Apache Zeppelin LDAP search filter injection indicates an improper input validation vulnerability in Zeppelin. The issue allows an attacker to execute malicious queries by manipulating LDAP search filter configuration properties, affecting Zeppelin versions from 0.8.2 up to, but ...

CVSS 6.5, AI score 6.5, EPSS 0.01784
Exploits 0, References 3, Affected Software 1

Cvelist
added 2024/04/09 4:15 p.m., 14 views

CVE-2024-31867 Apache Zeppelin: LDAP search filter query Injection Vulnerability

Improper Input Validation vulnerability in Apache Zeppelin. The attackers can execute malicious queries by setting improper configuration properties to LDAP search filter. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes...

AI score 6.9, EPSS 0.01784
Exploits 0, References 3