cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-8445,https://securityvulnerability.io/vulnerability/CVE-2024-8445,Insufficient Fix for Server Crash Vulnerability in 389-ds-base,"An insufficient input validation vulnerability exists in Red Hat 389 Directory Server (389-ds-base), which allows authenticated users to cause a server crash. This vulnerability arises when an authenticated user attempts to modify the `userPassword` attribute using malformed input. The fix for a previous vulnerability (CVE-2024-2199) did not address all potential scenarios, leaving certain versions of the server susceptible to this issue. It is crucial for users to be aware of this risk and to apply the necessary updates to ensure the security and stability of their deployment.",Red Hat,"Red Hat Enterprise Linux 7 Extended Lifecycle Support,Red Hat Directory Server 11,Red Hat Directory Server 12,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9",5.7,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-09-05T14:24:01.125Z,0
CVE-2024-6237,https://securityvulnerability.io/vulnerability/CVE-2024-6237,389-ds-base: unauthenticated user can trigger a dos by sending a specific extended search request,"A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service.",Red Hat,"Red Hat Directory Server 12.4 For Rhel 9,Red Hat Enterprise Linux 9,Red Hat Directory Server 11,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8",6.5,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2024-07-09T17:15:00.000Z,0
CVE-2024-5953,https://securityvulnerability.io/vulnerability/CVE-2024-5953,Denial of Service Vulnerability in 389-ds-base LDAP Server,A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.,Red Hat,"Red Hat Directory Server 11.7 For Rhel 8,Red Hat Directory Server 11.9 For Rhel 8,Red Hat Directory Server 12.2 Eus For Rhel 9,Red Hat Directory Server 12.4 For Rhel 9,Red Hat Enterprise Linux 7 Extended Lifecycle Support,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6",5.7,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-06-18T10:01:56.714Z,0
CVE-2024-3657,https://securityvulnerability.io/vulnerability/CVE-2024-3657,LDAP Query Flaw Leads to Denial of Service on 389-ds-base Directory Server,"A vulnerability exists in the 389-ds-base software, where an attacker can exploit a specially-crafted Lightweight Directory Access Protocol (LDAP) query. This exploitation can lead to a failure of the directory server, resulting in a denial of service (DoS). The flaw presents a significant risk for users relying on the directory service for critical operations and could disrupt network communications. It is crucial for organizations using this product to monitor their systems and apply necessary patches to mitigate the risk.",Red Hat,"Red Hat Directory Server 11.7 For Rhel 8,Red Hat Directory Server 11.8 For Rhel 8,Red Hat Directory Server 11.9 For Rhel 8,Red Hat Directory Server 12.2 Eus For Rhel 9,Red Hat Directory Server 12.4 For Rhel 9,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Enterprise Linux 6",7.5,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2024-05-28T12:53:03.399Z,0
CVE-2024-1062,https://securityvulnerability.io/vulnerability/CVE-2024-1062,Heap Overflow Flaw Leads to Denial of Service in 389-ds-base,A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.,Red Hat,"Red Hat Directory Server 11.7 For Rhel 8,Red Hat Directory Server 11.8 For Rhel 8,Red Hat Directory Server 12.2 Eus For Rhel 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Directory Server 12,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9",5.5,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-02-12T13:04:39.944Z,0
CVE-2010-2222,https://securityvulnerability.io/vulnerability/CVE-2010-2222,,The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows attackers to cause a denial of service (NULL pointer dereference) via a crafted search query.,Red Hat,Red Hat Directory Server,7.5,HIGH,0.0009599999757483602,false,false,false,false,,false,false,2019-11-05T19:27:47.000Z,0