Lucene search
+L

1535 matches found

osv
osv
added 2026/05/12 9:27 p.m.2 views

CVE-2026-44304 Lemur: LDAP Filter Injection enables post-authentication privilege escalation

Lemur manages TLS certificate creation. Prior to 1.9.0, Lemur's LDAP authentication module lemur/auth/ldap.py constructs LDAP search filters using unsanitized user input via Python string interpolation. An authenticated LDAP user can inject LDAP filter metacharacters through the username field to...

8.1CVSS6AI score0.00179EPSS
Exploits0References3
cve
cve
added 2026/05/12 4:59 p.m.74 views

CVE-2026-34339

Technical details about CVE-2026-34339 (Windows LDAP denial of service) are not publicly available in the provided connected documents. Monitor for updates from Microsoft/NVD for affected products, vectors, and fixes.

5.5CVSS5.8AI score0.00292EPSS
Exploits0References1Affected Software13
vulnrichment
vulnrichment
added 2026/05/12 4:59 p.m.14 views

CVE-2026-34339 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

...

5.5CVSS5.8AI score0.00292EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/12 12:0 a.m.12 views

PT-2026-40158

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally...

5.5CVSS5.8AI score0.00292EPSS
Exploits0References2
osv
osv
added 2026/05/08 5:43 a.m.7 views

BIT-JRE-2020-2800

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

5.8CVSS6.7AI score0.02879EPSS
Exploits0References15
cnnvd
cnnvd
added 2026/05/08 12:0 a.m.15 views

Lightweight JSON text parser 安全漏洞

Lightweight JSON Text Parser is a lightweight JSON text parsing library developed by Tilen Majerle. Version 1.8.1 of Lightweight JSON Text Parser has a security vulnerability. This vulnerability stems from a logical error in the string termination detection mechanism of the streaming JSON parser,...

7.5CVSS5.8AI score0.00417EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/08 12:0 a.m.18 views

PT-2026-38772

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...

5.3CVSS5.9AI score0.02038EPSS
Exploits0References11
ptsecurity
ptsecurity
added 2026/05/08 12:0 a.m.20 views

PT-2026-38721

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

5.8CVSS5.8AI score0.02879EPSS
Exploits0References16
github
github
added 2026/05/06 11:39 p.m.19 views

ldap3_proto has LDAP Filter stack exhaustion

Impact LDAP queries are not validated for depth, which can cause the parser both PEG and ASN to exhaust the stack. This may cause a denial of service in applications that process queries. Workarounds N/A Resources Related to GHSA-r5fr-9gmv-jggh...

5.8AI score
Exploits0References3Affected Software1
osv
osv
added 2026/05/06 2:43 p.m.6 views

BIT-JAVA-MIN-2022-21628

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...

5.3CVSS6.7AI score0.02038EPSS
Exploits0References10
osv
osv
added 2026/05/06 2:43 p.m.8 views

BIT-JAVA-2022-21628

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...

5.3CVSS6.7AI score0.02038EPSS
Exploits0References10
osv
osv
added 2026/05/06 2:42 p.m.6 views

BIT-JAVA-MIN-2020-2800

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

5.8CVSS6.7AI score0.02879EPSS
Exploits0References15
osv
osv
added 2026/05/06 2:42 p.m.9 views

BIT-JAVA-2020-2800

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

5.8CVSS6.7AI score0.02879EPSS
Exploits0References15
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.16 views

PT-2026-37751

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...

5.3CVSS5.9AI score0.02038EPSS
Exploits0References11
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.17 views

PT-2026-37700

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

5.8CVSS6.7AI score0.02879EPSS
Exploits0References16
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.26 views

PT-2026-37907

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

5.8CVSS6.7AI score0.02879EPSS
Exploits0References16
packetstormnews
packetstormnews
added 2026/05/05 12:0 a.m.6 views

HELO Cryptography: A Lightweight Cryptographic System for Enhancing IoT Security in P2P Data Transmission

The recent surge in security concerns for IoT devices highlights the increasing threat of cryptographic vulnerabilities. These weaknesses can lead to unauthorized access, data breaches, and manipulation of device functions, compromising the privacy and security of both the devices and their users...

5.7AI score
Exploits0
osv
osv
added 2026/05/04 1:12 p.m.12 views

JLSEC-2026-428 When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross...

When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP, POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new target host...

5.3CVSS5.8AI score0.00611EPSS
Exploits1References6
packetstormnews
packetstormnews
added 2026/05/04 12:0 a.m.9 views

LiteShield: Hybrid Feature Selection-Driven Lightweight Intrusion Detection for Resource-Constrained IoT Networks

The rapid expansion of Internet of Things IoT deployments has enlarged the attack surface of modern digital infrastructure while exposing a key security mismatch: many intrusion detection systems IDSs remain too computationally expensive for constrained IoT environments. This paper presents...

5.8AI score
Exploits0
mscve
mscve
added 2026/04/26 8:7 a.m.10 views

seg6: separate dst_cache for input and output paths in seg6 lwtunnel

...

9.8CVSS5.8AI score0.00443EPSS
Exploits0
Rows per page
Query Builder