Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amazon search directory vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-0996
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication.
Redhat 389 Directory Server 1.4.0.0
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Redhat Enterprise Linux 8.0
1 Github repository
6.5
CVSSv3
CVE-2019-14824
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. In some configurations, this could allow an authenticated malicious user to view private attributes, such as password hashes.
Fedoraproject 389 Directory Server -
Redhat Enterprise Linux 7.0
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-10935
A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort.
Redhat 389 Directory Server
5.7
CVSSv3
CVE-2020-0569
Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.
Intel Ax201 Firmware
Intel Ax200 Firmware
Intel Ac 9560 Firmware
Intel Ac 9462 Firmware
Intel Ac 9461 Firmware
Intel Ac 9260 Firmware
Intel Ac 8265 Firmware
Intel Ac 8260 Firmware
Intel Ac 3168 Firmware
Intel 7265 Firmware
Intel Ac 3165 Firmware
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Qt Qt
4.8
CVSSv3
CVE-2021-29425
In Apache Commons IO prior to 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not furt...
Apache Commons Io 2.2
Apache Commons Io 2.3
Apache Commons Io 2.4
Apache Commons Io 2.5
Apache Commons Io 2.6
Debian Debian Linux 9.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Integration Bus 13.0
Oracle Flexcube Core Banking 5.2.0
Oracle Solaris Cluster 4.0
Oracle Access Manager 11.1.2.3.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Access Manager 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 16.0
Oracle Banking Platform 2.6.2
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
4.6
CVSSv3
CVE-2019-10224
A flaw has been found in 389-ds-base versions 1.4.x.x prior to 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard e...
Fedoraproject 389 Directory Server
NA
CVE-2014-3248
Untrusted search path vulnerability in Puppet Enterprise 2.8 prior to 2.8.7, Puppet prior to 2.7.26 and 3.x prior to 3.6.2, Facter 1.6.x and 2.x prior to 2.0.2, Hiera prior to 1.3.4, and Mcollective prior to 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to ga...
Puppetlabs Facter
Puppet Facter 2.0.1
Puppet Facter 2.0.0
Puppet Marionette Collective
Puppet Hiera
Puppet Puppet
Puppet Puppet Enterprise
NA
CVE-2010-4820
Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055.
Ghostscript Ghostscript 8.62
NA
CVE-2014-0039
Untrusted search path vulnerability in fwsnort prior to 1.6.4, when not running as root, allows local users to execute arbitrary code via a Trojan horse fwsnort.conf in the current working directory.
Cipherdyne Fwsnort 1.6.1
Cipherdyne Fwsnort 1.6
Cipherdyne Fwsnort 1.5
Cipherdyne Fwsnort 1.0
Cipherdyne Fwsnort 0.9.0
Cipherdyne Fwsnort 0.6.3
Cipherdyne Fwsnort 0.6.2
Cipherdyne Fwsnort
Cipherdyne Fwsnort 1.0.4
Cipherdyne Fwsnort 1.0.3
Cipherdyne Fwsnort 0.8.0
Cipherdyne Fwsnort 0.7.0
Cipherdyne Fwsnort 0.5
Cipherdyne Fwsnort 1.0.6
Cipherdyne Fwsnort 1.0.5
Cipherdyne Fwsnort 0.8.2
Cipherdyne Fwsnort 0.8.1
Cipherdyne Fwsnort 0.6.1
Cipherdyne Fwsnort 0.6
Cipherdyne Fwsnort 1.6.3
Cipherdyne Fwsnort 1.6.2
Cipherdyne Fwsnort 1.0.2
NA
CVE-2013-4485
389 Directory Server 1.2.11.15 (aka Red Hat Directory Server prior to 8.2.11-14) allows remote authenticated users to cause a denial of service (crash) via multiple @ characters in a GER attribute list in a search request.
Redhat Enterprise Linux 6.0
Fedoraproject 389 Directory Server 1.2.11.15
Redhat Directory Server
Redhat Directory Server 8.1
Redhat Directory Server 8.0
Redhat Directory Server 7.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »