32 matches found
EUVD-2021-25300
Malware in sbrugna...
EUVD-2021-25301
Malware in sbrugna...
EUVD-2021-7859
Malicious code in bioql PyPI...
EUVD-2021-7852
Malicious code in bioql PyPI...
CVE-2024-45672
IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite files due to excessive privileges granted to the agent. which could also cause a denial of service...
Security Bulletin: Security vulnerabilities have been discovered in IBM Security Verify Bridge (CVE-2024-45673, CVE-2024-45674)
Summary Security vulnerabilities have been addressed in IBM Security Verify Bridge offering. Vulnerability Details CVEID:CVE-2024-45673 DESCRIPTION: IBM Security Verify Bridge stores user credentials in configuration files which can be read by a local user. CWE:CWE-260: Password in Configuration...
CVE-2024-45674 IBM Security Verify Bridge information disclosure
IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 stores potentially sensitive information in log files that could be read by a local user...
CVE-2024-45674
IBM Security Verify Bridge 1.0.1–1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1–1.0.10, and IBM Security Verify Gateway for Radius 1.0.1–1.0.11 are affected by CVE-2024-45674, which is an information-disclosure vulnerability where sensitive data is stored in log files that can be rea...
CVE-2024-45673 IBM Security Verify Bridge information disclosure
IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 stores user credentials in configuration files which can be read by a local user...
CVE-2024-45672 IBM Security Verify Bridge data manipulation
IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite files due to excessive privileges granted to the agent. which could also cause a denial of service...
CVE-2024-45672
CVE-2024-45672 affects IBM Security Verify Bridge versions 1.0.0–1.0.15. The issue arises from excessive privileges granted to the agent, enabling a local privileged user to overwrite files and potentially cause a denial of service (CWE-471). The vulnerability is described with a CVSSv3.1 base sc...
CVE-2024-45672 IBM Security Verify Bridge data manipulation
IBM Security Verify Bridge 1.0.0 through 1.0.15 could allow a local privileged user to overwrite files due to excessive privileges granted to the agent. which could also cause a denial of service...
Security Bulletin: IBM Security Verify Bridge (windows and docker versions) affected by a denial of service issue in Go (CVE-2022-32149)
Summary IBM Security Verify Bridge windows and docker versions fixed the vulnerability by upgrading the Go component to the proper version containing all fixes. Vulnerability Details CVEID:CVE-2022-32149 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input...
Security Bulletin: Denial of service vulnerability in OpenSSL as shipped with IBM Security Verify Bridge Docker image (CVE-2022-0778)
Summary A denial of service vulnerability found in OpenSSL was fixed in the following products: IBM Security Verify Bridge Docker image v 1.0.11. Vulnerability Details CVEID:CVE-2022-0778 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw in the BNmodsqrt function when...
IBM Security Verify Bridge Information Disclosure Vulnerability (CNVD-2021-77467)
IBM Security Verify Bridge is an IBM application component from International Business Machines IBM, Inc. Provides IBM Cloud access to user attributes and authentication that are controlled by the client's local LDAP or Active Directory for the IBM Cloud. An information disclosure vulnerability...
IBM Security Verify Bridge Information Disclosure Vulnerability (CNVD-2021-77468)
IBM Security Verify Bridge is an IBM application component from International Business Machines IBM, Inc. provides IBM Cloud access to user attributes and authentication that are controlled by the client's local LDAP or Active Directory. A security vulnerability exists in IBM Security Verify Brid...
CVE-2021-38864
IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to improper certificate validation. IBM X-Force ID: 208155...
CVE-2021-38863
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a locally authenticated user. IBM X-Force ID: 208154...
CVE-2021-38863
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a locally authenticated user. IBM X-Force ID: 208154...
Design/Logic Flaw
IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 196346...