Lucene search
+L

720 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-6692

Malicious code in bioql PyPI...

4.9CVSS5AI score0.00553EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-29943

Malicious code in bioql PyPI...

4.4CVSS6.4AI score0.00207EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-28172

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00551EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1523

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.003EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-12909

Malicious code in bioql PyPI...

5.9CVSS6.6AI score0.00484EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-35812

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.01064EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-8278

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00532EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-7591

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.02404EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1599

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.0045EPSS
Exploits0References2
CVE
CVE
added 2025/10/03 11:25 a.m.537 views

CVE-2025-27231

CVE-2025-27231 involves leakage of the LDAP Bind password in Zabbix deployments. According to connected advisories, the issue allows a Super Admin to exfiltrate the Bind password by altering the LDAP Host to a rogue server, even though the password cannot be read after saving under normal conditi...

4.9CVSS6.4AI score0.00387EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2025/10/02 6:11 a.m.4 views

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.

...

4.3CVSS7AI score0.01168EPSS
Exploits1
OSV
OSV
added 2025/07/29 1:40 p.m.2 views

RLSA-2025:4491 Moderate: 389-ds-base security update

389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: null pointer dereference leads to denial of service CVE-2025-2487 F...

4.9CVSS6.8AI score0.00553EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/06/10 9:30 a.m.15 views

Apache Kafka Deserialization of Untrusted Data vulnerability

A possible security vulnerability has been identified in Apache Kafka. This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, whic...

8.8CVSS8.8AI score0.00881EPSS
Exploits0References4Affected Software3
Snyk
Snyk
added 2025/06/10 7:52 a.m.4 views

Deserialization of Untrusted Data

Overview org.apache.kafka:kafka-clients is a streaming platform that can publish and subscribe to streams of records, store streams of records in a fault-tolerant durable way, and process streams of records as they occur. Affected versions of this package are vulnerable to Deserialization of...

8.8CVSS8AI score0.00881EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 3:51 a.m.11 views

CVE-2023-32987

A cross-site request forgery CSRF vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials...

8.8CVSS6.7AI score0.0045EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:28 p.m.6 views

CVE-2021-3956

A read-only authentication bypass vulnerability was reported in the Third Quarter 2021 release of Lenovo XClarity Controller XCC firmware affecting XCC devices configured in LDAP Authentication Only Mode and using an LDAP server that supports “unauthenticated bind”, such as Microsoft Active...

5.3CVSS7.4AI score0.00734EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 p.m.9 views

CVE-2021-37935

An information disclosure vulnerability in the login page of Huntflow Enterprise before 3.10.4 could allow an unauthenticated, remote user to get information about the domain name of the configured LDAP server. An attacker could exploit this vulnerability by requesting the login page and searchin...

7.5CVSS6.4AI score0.0137EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:33 a.m.8 views

CVE-2019-3640

Unprotected Transport of Credentials in ePO extension in McAfee Data Loss Prevention 11.x prior to 11.4.0 allows remote attackers with access to the network to collect login details to the LDAP server via the ePO extension not using a secure connection when testing LDAP connectivity...

6.5CVSS6.9AI score0.00528EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:31 a.m.10 views

CVE-2019-5591

A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server...

6.5CVSS6.7AI score0.18566EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:6 a.m.8 views

CVE-2018-13378

An information disclosure vulnerability in Fortinet FortiSIEM 5.2.0 and below versions exposes the LDAP server plaintext password via the HTML source code...

7.2CVSS6.5AI score0.01286EPSS
Exploits0References1
Rows per page
Query Builder