lemur 信任管理问题漏洞

Lemur is an open-source TLS certificate management tool developed by Netflix, Inc. Versions of Lemur prior to 1.9.0 contained a vulnerability related to trust management. This vulnerability stemmed from unconditional disabling of TLS certificate verification when LDAP TLS was enabled, which could...

libcurl 7.17.0 < 8.18.0 Security Bypass.

The version of libcurl installed on the remote host is missing a security update. It is, therefore, affected by a security bypass vulnerability in multi-threaded LDAPS transfers. - When performing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread could...

CVE-2005-1338

Mac OS X 10.3.9, when using an LDAP server that does not use ldapextendedoperation, may store initial LDAP passwords for new accounts in plaintext...

EUVD-2005-2655

Malware in sbrugna...

EUVD-2001-0956

Malware in sbrugna...

EUVD-2013-3224

Malware in sbrugna...

EUVD-2012-2726

Malware in sbrugna...

EUVD-2017-3119

Malware in sbrugna...

EUVD-2008-3214

Malware in sbrugna...

EUVD-2009-1900

Malware in sbrugna...

EUVD-2015-2704

Malware in sbrugna...

EUVD-2022-35361

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-14628

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could...

CVE-2025-21376

Windows Lightweight Directory Access Protocol LDAP Remote Code Execution Vulnerability...

LDAP Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LDAP Information Disclosure', 'Description' = %q This module uses an anonymous-bind LDAP connection to dump data from an LDAP server. Searching f...

Important: Red Hat Security Advisory: bind and bind-dyndb-ldap security updates

Updates for bind and bind-dyndb-ldap are now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Cross site request forgery (csrf)

A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes...

SUSE CVE-2016-2110

The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove application-layer flags or encryption settings, as...

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-2743)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...