16 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-36966
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr 11.0.3 contains a persistent cross-site scripting vulnerability in LDAP synchronization settings that allows attackers to inject malicious scripts...
EUVD-2020-30964
Dolibarr 11.0.3 contains a persistent cross-site scripting vulnerability in LDAP synchronization settings that allows attackers to inject malicious scripts through multiple parameters. Attackers can exploit the host, slave, and port parameters in /dolibarr/admin/ldap.php to execute arbitrary...
CVE-2022-35842
An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in FortiOS SSL-VPN versions 7.2.0, versions 7.0.0 through 7.0.6 and versions 6.4.0 through 6.4.9 may allow a remote unauthenticated attacker to gain information about LDAP and SAML settings configured in FortiOS...
EUVD-2024-50921
Malicious code in bioql PyPI...
EUVD-2024-50600
Malicious code in bioql PyPI...
EUVD-2022-38715
Malicious code in bioql PyPI...
CVE-2024-12106
In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings...
CVE-2024-12510
If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires admin access and an active LDAP setup...
CVE-2024-12510
Xerox Versalink C7025 MFPs (firmware 57.69.91 and earlier) are affected by CVE-2024-12510 (LDAP pass-back). A malicious actor with admin access and LDAP enabled can reconfigure the LDAP server IP on the LDAP settings page, causing LDAP lookups to authenticate against an attacker‑controlled server...
CVE-2024-12510 LDAP Authentication Server Pass-back attack
If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires admin access and an active LDAP setup...
PT-2025-1874
Name of the Vulnerable Software and Affected Versions: Xerox VersaLink Printers (affected versions not specified); Xerox VersaLink C7025 MFPs (affected versions not specified). Description: The issue allows authentication to be redirected to another server when accessing LDAP settings, potentially exposi...
CVE-2024-12106
In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings...
CVE-2024-12106 WhatsUp Gold - LDAP configuration interface leading to allowing attacker to configure LDAP settings without authentication
In WhatsUp Gold versions released before 2024.0.2, an unauthenticated attacker can configure LDAP settings...
Design/Logic Flaw
Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.getldapinfo in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity,...
PT-2022-6024 · Fortinet · Fortios
Name of the Vulnerable Software and Affected Versions: FortiOS versions 6.4.0 through 6.4.9; FortiOS versions 7.0.0 through 7.0.6; FortiOS version 7.2.0. Description: The issue is related to the exposure of sensitive information to unauthorized actors, potentially allowing remote unauthenticated...
How to configure XenMobile to use multiple domain suffix in LDAP config
Enroll devices using an alternate UPN suffix and configure Citrix Endpoint Management to use a domain suffix for authentication. Refer to Citrix documentation - Citrix Gateway and Endpoint Management...