Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openldap vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2953
A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
Openldap Openldap 2.4
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Apple Macos
Netapp Clustered Data Ontap -
Netapp Active Iq Unified Manager -
Netapp Ontap Tools -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
NA
CVE-2023-23749
The 'LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login' extension is vulnerable to LDAP Injection since is not properly sanitizing the 'username' POST parameter. An attacker can manipulate this paramter to dump arbitrary contents ...
Miniorange Ldap Integration With Active Directory And Openldap 5.0.2
5.5
CVSSv2
CVE-2022-22576
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL...
Haxx Curl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Clustered Data Ontap -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire \\& Hci Storage Node -
Brocade Fabric Operating System -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
7.5
CVSSv2
CVE-2022-29155
In OpenLDAP 2.x prior to 2.5.12 and 2.6.x prior to 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lac...
Openldap Openldap
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
5
CVSSv2
CVE-2020-25710
A flaw was found in OpenLDAP in versions prior to 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
Openldap Openldap
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Web Server 2.0.0
Redhat Enterprise Linux 5.0
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Core Services -
Debian Debian Linux 9.0
Fedoraproject Fedora 33
5
CVSSv2
CVE-2020-25709
A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.
Openldap Openldap
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Macos
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.15.7
Redhat Jboss Core Services -
5
CVSSv2
CVE-2021-27212
In OpenLDAP up to and including 2.4.57 and 2.5.x up to and including 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_...
Openldap Openldap 2.5.1
Openldap Openldap 2.5.0
Openldap Openldap
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2020-36230
A flaw exists in OpenLDAP prior to 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.
Openldap Openldap
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Macos
Apache Bookkeeper 4.12.1
5
CVSSv2
CVE-2020-36221
An integer underflow exists in OpenLDAP prior to 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).
Openldap Openldap
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Macos
5
CVSSv2
CVE-2020-36222
A flaw exists in OpenLDAP prior to 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.
Openldap Openldap
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Macos
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »