| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-53958 | LDAP Tool Box Self Service Password 1.5.2 Account Takeover via HTTP Host Header | ltb-project | LDAP Tool Box Self Service Password | High | 7.5 | 2025-12-19 21:05:53 | Deep Dive |
| CVE-2025-13948 | opsre go-ldap-admin JWT docker-compose.yaml hard-coded key | opsre | go-ldap-admin | Medium | 5.6 | 2025-12-03 14:32:07 | Deep Dive |
| CVE-2025-61912 | python-ldap Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination | python-ldap | python-ldap | - | - | 2025-10-10 22:04:25 | Deep Dive |
| CVE-2025-61911 | python-ldap has sanitization bypass in ldap.filter.escape_filter_chars | python-ldap | python-ldap | - | - | 2025-10-10 22:02:16 | Deep Dive |
| CVE-2025-48343 | WordPress WPMU Ldap Authentication plugin <= 5.0.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability | Aaron Axelsen | WPMU Ldap Authentication | High | 7.1 | 2025-08-28 12:37:01 | Deep Dive |
| CVE-2024-56841 | Siemens Mendix 注入漏洞 | Siemens | Mendix LDAP | High | 7.4 | 2025-01-14 10:30:15 | Deep Dive |
| CVE-2024-38829 | Spring LDAP sensitive data exposure for case-sensitive comparisons | Spring | Spring LDAP | Low | 3.7 | 2024-12-04 21:06:05 | Deep Dive |
| CVE-2024-8715 | Simple LDAP Login <= 1.6.0 - Reflected Cross-Site Scripting | clifgriffin | Simple LDAP Login | Medium | 6.1 | 2024-09-28 02:31:28 | Deep Dive |
| CVE-2023-0392 | Okta LDAP Agent 安全漏洞 | Okta | LDAP Agent | - | - | 2023-11-08 20:37:15 | Deep Dive |
| CVE-2023-5003 | Active Directory Integration < 4.1.10 - Unauthenticated Log Disclosure | Unknown | Active Directory Integration / LDAP Integration | 高危 | - | 2023-10-16 19:39:09 | Deep Dive |
| CVE-2023-4506 | Active Directory Integration / LDAP Integration <= 4.1.10 - LDAP Passback | cyberlord92 | Active Directory Integration / LDAP Integration | Low | 2.2 | 2023-09-26 01:51:13 | Deep Dive |
| CVE-2023-3447 | Active Directory Integration / LDAP Integration <= 4.1.5 - Authenticated (Subscriber+) LDAP Injection | cyberlord92 | Active Directory Integration / LDAP Integration | High | 7.6 | 2023-06-29 04:28:36 | Deep Dive |
| CVE-2023-2599 | Active Directory Integration / LDAP Integration <= 4.1.4 - Cross-Site Request Forgery to SQL Injection | cyberlord92 | Active Directory Integration / LDAP Integration | Low | 3.1 | 2023-06-09 05:33:21 | Deep Dive |
| CVE-2023-2484 | Active Directory Integration / LDAP Integration <= 4.1.4 - Authenticated (Administrator+) SQL Injection | cyberlord92 | Active Directory Integration / LDAP Integration | High | 7.2 | 2023-06-09 05:33:15 | Deep Dive |
| CVE-2023-32978 | Jenkins Plugin LDAP 跨站请求伪造漏洞 | Jenkins Project | Jenkins LDAP Plugin | 中危 | - | 2023-05-16 16:00:00 | Deep Dive |
| CVE-2023-0812 | Active Directory Integration / LDAP Integration < 4.1.1 - Unauthenticated Data Disclosure | Unknown | Active Directory Integration / LDAP Integration | 高危 | - | 2023-05-15 12:15:39 | Deep Dive |
| CVE-2023-25613 | LDAP Injection Vulnerability in Apache Kerby | Apache Software Foundation | Apache Kerby LDAP Backend | 超危 | - | 2023-02-20 15:29:39 | Deep Dive |
| CVE-2023-23749 | Extension - miniorange - LDAP Integration - LDAP Injection (username) | miniorange | LDAP Integration with Active Directory and OpenLDAP - NTLM & Kerberos Login | 高危 | - | 2023-01-17 19:38:22 | Deep Dive |
| CVE-2015-10027 | hydrian TTRSS-Auth-LDAP Username ldap injection | hydrian | TTRSS-Auth-LDAP | Medium | 5.5 | 2023-01-07 16:42:32 | Deep Dive |
| CVE-2022-2987 | Ldap WP Login / Active Directory Integration < 3.0.2 - Unauthenticated Settings Update to Auth Bypass | Unknown | Ldap WP Login / Active Directory Integration | 高危 | - | 2022-09-26 12:35:36 | Deep Dive |