22 matches found
EUVD-2024-34813
Malicious code in bioql PyPI...
CVE-2024-34458
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure...
CVE-2024-33872
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges...
CVE-2024-49202
Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0...
CVE-2024-49202
Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0...
CVE-2024-49202
Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0...
CVE-2024-49202
Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0...
CVE-2024-49202
Keyfactor Command prior to v12.5.0 contains an Incorrect Access Control issue where access tokens have over-permissioned rights (64099). Reported across multiple sources, the vulnerability affects versions before 12.5.0 and fixes are provided in the following releases: 11.5.1.1, 11.5.2.1, 11.5.3....
PT-2024-33344 · Keyfactor · Keyfactor Command
Name of the Vulnerable Software and Affected Versions: Keyfactor Command versions prior to 12.5.0 Description: The issue concerns incorrect access control where access tokens have more permissions than allowed. Recommendations: For versions prior to 12.5.0, update to one of the fixed versions:...
Keyfactor Command security vulnerability
Keyfactor Command is a PKI and machine identity automation application from Keyfactor. A security vulnerability exists in Keyfactor Command prior to version 12.5.0 that stems from an incorrect access control issue...
CVE-2024-33872
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges...
CVE-2024-34458
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure...
CVE-2024-34458
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure...
CVE-2024-33872
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges...
Keyfactor Command security vulnerability
Keyfactor Command is a PKI and machine identity automation application from Keyfactor. A security vulnerability exists in Keyfactor Command versions prior to 10.5.1 and prior to 11.5.1, which stems from susceptibility to SQL injection attacks that could lead to code execution and elevation of...
Keyfactor Command security vulnerability
Keyfactor Command is a PKI and machine identity automation application from Keyfactor. A security vulnerability exists in Keyfactor Command versions prior to 10.5.1 and prior to 11.5.1, which stems from susceptibility to SQL injection attacks that could lead to information disclosure...
CVE-2024-33872
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in code execution and escalation of privileges...
CVE-2024-34458
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure...
CVE-2024-34458
Summary: CVE-2024-34458 affects Keyfactor Command. Versions 10.5.x prior to 10.5.1 and 11.5.x prior to 11.5.1 are vulnerable to SQL Injection, which can lead to information disclosure. The exploitation status is not provided in the documents. Impact: information disclosure due to SQL Injection. A...
PT-2024-25912 · Keyfactor · Keyfactor Command
Name of the Vulnerable Software and Affected Versions: Keyfactor Command versions 10.5.x through 10.5.0 Keyfactor Command versions 11.5.x through 11.5.0 Description: The issue allows SQL Injection, which could result in information disclosure. Recommendations: For Keyfactor Command versions 10.5....