cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-8445,https://securityvulnerability.io/vulnerability/CVE-2024-8445,Insufficient Fix for Server Crash Vulnerability in 389-ds-base,"An insufficient input validation vulnerability exists in Red Hat 389 Directory Server (389-ds-base), which allows authenticated users to cause a server crash. This vulnerability arises when an authenticated user attempts to modify the `userPassword` attribute using malformed input. The fix for a previous vulnerability (CVE-2024-2199) did not address all potential scenarios, leaving certain versions of the server susceptible to this issue. It is crucial for users to be aware of this risk and to apply the necessary updates to ensure the security and stability of their deployment.",Red Hat,"Red Hat Enterprise Linux 7 Extended Lifecycle Support,Red Hat Directory Server 11,Red Hat Directory Server 12,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9",5.7,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-09-05T14:24:01.125Z,0
CVE-2024-6237,https://securityvulnerability.io/vulnerability/CVE-2024-6237,389-ds-base: unauthenticated user can trigger a dos by sending a specific extended search request,"A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service.",Red Hat,"Red Hat Directory Server 12.4 For Rhel 9,Red Hat Enterprise Linux 9,Red Hat Directory Server 11,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8",6.5,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2024-07-09T17:15:00.000Z,0
CVE-2024-3657,https://securityvulnerability.io/vulnerability/CVE-2024-3657,LDAP Query Flaw Leads to Denial of Service on 389-ds-base Directory Server,"A vulnerability exists in the 389-ds-base software, where an attacker can exploit a specially-crafted Lightweight Directory Access Protocol (LDAP) query. This exploitation can lead to a failure of the directory server, resulting in a denial of service (DoS). The flaw presents a significant risk for users relying on the directory service for critical operations and could disrupt network communications. It is crucial for organizations using this product to monitor their systems and apply necessary patches to mitigate the risk.",Red Hat,"Red Hat Directory Server 11.5 E4s For Rhel 8,Red Hat Directory Server 11.7 For Rhel 8,Red Hat Directory Server 11.8 For Rhel 8,Red Hat Directory Server 11.9 For Rhel 8,Red Hat Directory Server 12.2 Eus For Rhel 9,Red Hat Directory Server 12.4 For Rhel 9,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6",7.5,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-05-28T12:53:03.399Z,0
CVE-2024-1062,https://securityvulnerability.io/vulnerability/CVE-2024-1062,Heap Overflow Flaw Leads to Denial of Service in 389-ds-base,A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.,Red Hat,",Red Hat Directory Server 11.5 E4s For Rhel 8,Red Hat Directory Server 11.7 For Rhel 8,Red Hat Directory Server 11.8 For Rhel 8,Red Hat Directory Server 12.2 Eus For Rhel 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Directory Server 12,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9",5.5,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-02-12T13:04:39.944Z,0
CVE-2010-2222,https://securityvulnerability.io/vulnerability/CVE-2010-2222,Denial of Service Vulnerability in Red Hat Directory Server by Red Hat,"The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server has a vulnerability that allows attackers to exploit a crafted search query, resulting in a denial of service through a NULL pointer dereference. This exploit can lead to system instability and potential downtime, therefore users are advised to apply patches and update their systems to safeguard against this issue.",Red Hat,Red Hat Directory Server,7.5,HIGH,0.0009599999757483602,false,,false,false,false,,,false,false,,2019-11-05T19:27:47.000Z,0