12 matches found

CNVD
added 2021/04/07 12:0 a.m., 4 views

OpenIAM Directory Traversal Vulnerability

OpenIAM is a fully integrated identity and access management platform. A directory traversal vulnerability exists in batch tasks in versions of OpenIAM prior to 4.2.0.3. No detailed vulnerability details are provided at this time...

CVSS 5.3, AI score 6.7, EPSS 0.00147
Exploits: 0, References: 1

NVD
added 2021/04/06 9:15 p.m., 8 views

CVE-2020-13422

OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/ administrative actions...

CVSS 8.1, EPSS 0.00146
Exploits: 0, References: 2

NVD
added 2021/04/06 9:15 p.m., 11 views

CVE-2020-13421

OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions, and Password Reset actions...

CVSS 9.8, EPSS 0.00328
Exploits: 0, References: 2

NVD
added 2021/04/06 9:15 p.m., 7 views

CVE-2020-13419

OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task...

CVSS 5.3, EPSS 0.00147
Exploits: 0, References: 1

OSV
added 2021/04/06 9:15 p.m., 0 views

CVE-2020-13418

OpenIAM before 4.2.0.3 allows XSS in the Add New User feature...

CVSS 6.1, AI score 5.8
Exploits: 0, References: 1

Prion
added 2021/04/06 9:15 p.m., 8 views

Design/Logic Flaw

OpenIAM before 4.2.0.3 allows XSS in the Add New User feature...

CVSS 4.3, AI score 6, EPSS 0.0024
Exploits: 0, References: 1, Affected Software: 1

Prion
added 2021/04/06 9:15 p.m., 11 views

Directory traversal

OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task...

CVSS 5, AI score 5.3, EPSS 0.00147
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2021/04/06 8:8 p.m., 6 views

CVE-2020-13420

OpenIAM before 4.2.0.3 allows remote attackers to execute arbitrary code via Groovy Script...

AI score 9.8, EPSS 0.02136
Exploits: 0, References: 1

CNNVD
added 2021/04/06 12:0 a.m., 1 views

Github OpenIAM Path Traversal Vulnerability

OpenIAM is a fully integrated identity and access management platform. A directory traversal vulnerability exists in batch tasks in versions of OpenIAM prior to 4.2.0.3. No detailed vulnerability details are provided at this time...

CVSS 5.3, AI score 5.5, EPSS 0.00147
Exploits: 0, References: 2

CNNVD
added 2021/04/06 12:0 a.m., 2 views

Github OpenIAM Cross-Site Scripting Vulnerability

OpenIAM is a fully integrated identity and access management platform. A cross-site scripting vulnerability exists in the "Add New User" feature in OpenIAM versions prior to 4.2.0.3. No details of the vulnerability are available at this time...

CVSS 6.1, AI score 5.2, EPSS 0.0024
Exploits: 0, References: 2

Positive Technologies
added 2021/04/06 12:0 a.m., 2 views

PT-2021-9610 · Openiam · Openam

Name of the Vulnerable Software and Affected Versions: OpenIAM versions prior to 4.2.0.3
Description: The issue concerns a lack of permission verification for users attempting to perform administrative actions through the "/webconsole/rest/api/" endpoint. This means that users without proper...

CVSS 8.1, AI score 8.2, EPSS 0.00146
Exploits: 0, References: 4

IBM Security Bulletins
added 2018/08/08 4:13 a.m., 21 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2015 (CVE-2015-4872, CVE-2015-4893, CVE-2015-4803)

Summary: IBM Cloud Manager is vulnerable to some Java vulnerabilities, which allow a remote attacker to cause a denial of service.
Vulnerability Details: CVEID: CVE-2015-4872 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and JRockit related to the Security component has no...

CVSS 5, AI score 1.8, EPSS 0.058
Exploits: 0, Affected Software: 1