22 matches found
Astra Linux - уязвимость в 389-ds-base
A flaw was discovered in the ‘deref’ plugin of 389-ds-base, where it could use the ‘search’ permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...
EUVD-2019-5952
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-14824
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could...
CVE-2023-34093
Strapi is an open-source headless content management system. Prior to version 4.10.8, anyone Strapi developers, users, plugins can make every attribute of a Content-Type public without knowing it. The vulnerability only affects the handling of content types by Strapi, not the actual content types...
Information Disclosure
@strapi/utils, @strapi/strapi and @strapi/database is vulnerable to Information Disclosure. The vulnerability exists due to the use of getters for private attributes which allows an attacker to view sensitive attributes because the privateAttributes may be removed unintentionally...
PT-2023-24666 · Strapi · Strapi
Name of the Vulnerable Software and Affected Versions: Strapi versions prior to 4.10.8 Description: The issue affects the handling of content types by Strapi, allowing anyone to make every attribute of a Content-Type public without knowing it. This can lead to sensitive information being exposed ...
SUSE CVE-2019-14824
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...
EulerOS 2.0 SP2 : 389-ds-base (EulerOS-SA-2021-1280)
According to the version of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2021-1058)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for 389-ds-base (EulerOS-SA-2020-2539)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : 389-ds-base (EulerOS-SA-2020-2539)
According to the versions of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that the fix for CVE-2018-14648 in 389-ds-base, versions 1.4.0.x before 1.4.0.17, was incorrectly applied in RHEL 7.5. An...
389-ds-base: Read permission check bypass via the deref plugin
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...
Updated 389-ds-base packages fix security vulnerabilities
he updated packages fix security vulnerabilities and a packaging problem: An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. A remote, unauthenticated attacker could potentially use this flaw to make...
[SECURITY] [DLA 2004-1] 389-ds-base security update
Package : 389-ds-base Version : 1.3.3.5-4+deb8u7 CVE ID : CVE-2019-14824 Debian Bug : 944150 A flaw was found in the deref plugin of 389-ds-base where it could use the search permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private...
DEBIAN-CVE-2019-14824
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...
CVE-2019-14824
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...
CVE-2019-14824
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...
UBUNTU-CVE-2019-14824
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...
Design/Logic Flaw
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...
CVE-2019-14824
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated attacker to view private attributes, such as password hashes...