Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openldap openldap 2.4.31 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-6908
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and previous versions allows remote malicious users to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.
Openldap Openldap
Apple Mac Os X
1 EDB exploit
NA
CVE-2014-9713
The default slapd configuration in the Debian openldap package 2.4.23-3 up to and including 2.4.39-1.1 allows remote authenticated users to modify the user's permissions and other user attributes via unspecified vectors.
Openldap Openldap 2.4.23
Openldap Openldap 2.4.30
Openldap Openldap 2.4.24
Openldap Openldap 2.4.25
Openldap Openldap 2.4.32
Openldap Openldap 2.4.33
Openldap Openldap 2.4.26
Openldap Openldap 2.4.27
Openldap Openldap 2.4.34
Openldap Openldap 2.4.35
Openldap Openldap 2.4.31
Openldap Openldap 2.4.39
Openldap Openldap 2.4.28
Openldap Openldap 2.4.29
Openldap Openldap 2.4.36
Openldap Openldap 2.4.37
Openldap Openldap 2.4.38
Debian Debian Linux 7.0
NA
CVE-2015-1545
The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 up to and including 2.4.40 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request.
Openldap Openldap 2.4.39
Openldap Openldap 2.4.17
Openldap Openldap 2.4.37
Openldap Openldap 2.4.26
Openldap Openldap 2.4.31
Openldap Openldap 2.4.40
Openldap Openldap 2.4.16
Openldap Openldap 2.4.29
Openldap Openldap 2.4.32
Openldap Openldap 2.4.22
Openldap Openldap 2.4.25
Openldap Openldap 2.4.20
Openldap Openldap 2.4.15
Openldap Openldap 2.4.18
Openldap Openldap 2.4.27
Openldap Openldap 2.4.36
Openldap Openldap 2.4.38
Openldap Openldap 2.4.28
Openldap Openldap 2.4.23
Openldap Openldap 2.4.24
Openldap Openldap 2.4.34
Openldap Openldap 2.4.14
NA
CVE-2012-2668
libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and previous versions, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote mal...
Openldap Openldap 2.4.17
Openldap Openldap 2.4.6
Openldap Openldap 2.4.11
Openldap Openldap 2.4.8
Openldap Openldap 2.4.26
Openldap Openldap 2.4.9
Openldap Openldap 2.4.16
Openldap Openldap
Openldap Openldap 2.4.29
Openldap Openldap 2.4.22
Openldap Openldap 2.4.25
Openldap Openldap 2.4.20
Openldap Openldap 2.4.15
Openldap Openldap 2.4.18
Openldap Openldap 2.4.27
Openldap Openldap 2.4.7
Openldap Openldap 2.4.28
Openldap Openldap 2.4.23
Openldap Openldap 2.4.24
Openldap Openldap 2.4.14
Openldap Openldap 2.4.19
Openldap Openldap 2.4.12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started