Lucene search
K

30 matches found

EUVD
EUVD
added 2 days ago5 views

EUVD-2026-42042

A heap-buffer-overflow flaw was found in 389 Directory Server 389-ds-base. When normalizing a Distinguished Name DN that contains a legacy-quoted value encoding a multivalued nested Relative Distinguished Name RDN, the server can write past the end of a heap allocation while sorting RDN...

5.3CVSS5.9AI score0.00307EPSS
Exploits0References2
OSV
OSV
added 2026/04/22 9:20 a.m.8 views

CLSA-2025-1758636652 openldap: Fix of 14 CVEs

Rebase to 2.4.58 to fix the following vulnerabilities: - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing - CVE-2020-36223: fix slapd crash in the Values Return...

7.5CVSS7.1AI score0.84224EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2020-25692)

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. This plugin only works with...

7.5CVSS7AI score0.02183EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2016-5958

Malware in sbrugna...

7.5CVSS8.5AI score0.02412EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.3 views

SUSE CVE-2010-0212

OpenLDAP 2.4.22 allows remote attackers to cause a denial of service crash via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smrnormalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schemainit.c, as...

5CVSS8.9AI score0.06221EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:53 a.m.4 views

SUSE CVE-2020-25692

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service...

7.5CVSS6.9AI score0.02183EPSS
Exploits0References135
OSV
OSV
added 2022/02/24 7:15 p.m.15 views

AZL-8819 CVE-2021-44533 affecting package nodejs for versions less than 16.14.0-1

Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in...

5.3CVSS6.8AI score0.09358EPSS
Exploits1References1
OSV
OSV
added 2022/02/24 7:15 p.m.2 views

DEBIAN-CVE-2021-44533

Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in...

5.3CVSS6.4AI score0.09358EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2021/04/27 11:54 a.m.3 views

openldap: NULL pointer dereference for unauthenticated packet in slapd

A NULL pointer dereference flaw was found in the OpenLDAP server, during a request for renaming RDNs. This flaw allows a remote, unauthenticated attacker to crash the slapd process by sending a specially crafted request, causing a denial of service. The highest threat from this vulnerability is t...

7.5CVSS7.3AI score0.02183EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2020/12/09 12:0 a.m.3 views

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55 during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request causing a Denial of Service.

...

7.5CVSS7AI score0.02183EPSS
Exploits0
OSV
OSV
added 2020/07/01 11:15 a.m.2 views

UBUNTU-CVE-2020-15474

In nDPI through 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c...

9.8CVSS7.3AI score0.01198EPSS
Exploits0References3
OSV
OSV
added 2017/07/08 12:29 p.m.0 views

DEBIAN-CVE-2017-11107

phpLDAPadmin through 1.2.3 has XSS in htdocs/entrychooser.php via the form, element, rdn, or container parameter...

6.1CVSS6.4AI score0.02069EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2017/07/08 12:0 p.m.31 views

CVE-2017-11107

phpLDAPadmin through 1.2.3 has XSS in htdocs/entrychooser.php via the form, element, rdn, or container parameter...

6.1CVSS6AI score0.02069EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2017/07/08 12:0 p.m.23 views

CVE-2017-11107

phpLDAPadmin through 1.2.3 has XSS in htdocs/entrychooser.php via the form, element, rdn, or container parameter...

6.1CVSS6AI score0.02069EPSS
Exploits1
Prion
Prion
added 2017/06/08 7:29 p.m.24 views

Design/Logic Flaw

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects...

5CVSS6.9AI score0.02412EPSS
Exploits0References4Affected Software4
NVD
NVD
added 2017/06/08 7:29 p.m.24 views

CVE-2016-4992

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects...

7.5CVSS7.6AI score0.02412EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2017/06/08 7:29 p.m.30 views

CVE-2016-4992

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects...

7.5CVSS6.8AI score0.02412EPSS
Exploits0References2
OSV
OSV
added 2017/06/08 7:29 p.m.8 views

CVE-2016-4992

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects...

7.5CVSS8.5AI score
Exploits0References4
Debian CVE
Debian CVE
added 2017/06/08 7:0 p.m.27 views

CVE-2016-4992

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to infer the existence of RDN component objects...

7.5CVSS7.6AI score0.02412EPSS
Exploits0
Prion
Prion
added 2011/04/21 10:55 a.m.19 views

Memory corruption

Memory leak in the ldapexploderdn API function in IBM Tivoli Directory Server TDS 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allows remote authenticated users to cause a denial of service memory consumption by making many function calls...

4CVSS6.5AI score0.00883EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder