cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-8445,https://securityvulnerability.io/vulnerability/CVE-2024-8445,Insufficient Fix for Server Crash Vulnerability in 389-ds-base,"An insufficient input validation vulnerability exists in Red Hat 389 Directory Server (389-ds-base), which allows authenticated users to cause a server crash. This vulnerability arises when an authenticated user attempts to modify the `userPassword` attribute using malformed input. The fix for a previous vulnerability (CVE-2024-2199) did not address all potential scenarios, leaving certain versions of the server susceptible to this issue. It is crucial for users to be aware of this risk and to apply the necessary updates to ensure the security and stability of their deployment.",Red Hat,"Red Hat Enterprise Linux 7 Extended Lifecycle Support,Red Hat Directory Server 11,Red Hat Directory Server 12,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9",5.7,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-09-05T14:24:01.125Z,0
CVE-2024-6237,https://securityvulnerability.io/vulnerability/CVE-2024-6237,389-ds-base: unauthenticated user can trigger a dos by sending a specific extended search request,"A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service.",Red Hat,"Red Hat Directory Server 12.4 For Rhel 9,Red Hat Enterprise Linux 9,Red Hat Directory Server 11,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8",6.5,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2024-07-09T17:15:00.000Z,0