cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-8445,https://securityvulnerability.io/vulnerability/CVE-2024-8445,Insufficient Fix for Server Crash Vulnerability in 389-ds-base,"An insufficient input validation vulnerability exists in Red Hat 389 Directory Server (389-ds-base), which allows authenticated users to cause a server crash. This vulnerability arises when an authenticated user attempts to modify the `userPassword` attribute using malformed input. The fix for a previous vulnerability (CVE-2024-2199) did not address all potential scenarios, leaving certain versions of the server susceptible to this issue. It is crucial for users to be aware of this risk and to apply the necessary updates to ensure the security and stability of their deployment.",Red Hat,"Red Hat Enterprise Linux 7 Extended Lifecycle Support,Red Hat Directory Server 11,Red Hat Directory Server 12,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9",5.7,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-09-05T14:24:01.125Z,0
CVE-2024-1062,https://securityvulnerability.io/vulnerability/CVE-2024-1062,Heap Overflow Flaw Leads to Denial of Service in 389-ds-base,A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.,Red Hat,"Red Hat Directory Server 11.7 For Rhel 8,Red Hat Directory Server 11.8 For Rhel 8,Red Hat Directory Server 12.2 Eus For Rhel 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8.6 Extended Update Support,Red Hat Enterprise Linux 8.8 Extended Update Support,Red Hat Enterprise Linux 9.2 Extended Update Support,Red Hat Directory Server 12,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9",5.5,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-02-12T13:04:39.944Z,0