EUVD-2024-48058

Malicious code in bioql PyPI...

EUVD-2024-33040

Malicious code in bioql PyPI...

CVE-2024-0980

The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code...

CVE-2024-9191

The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The vulnerability was discovered via routine...

CVE-2024-9191

The CVE concerns Okta Verify on Windows where the Device Access feature exposes the OktaDeviceAccessPipe, enabling a compromised device user to retrieve passwords for Desktop MFA passwordless logins. Affected component: Okta Verify agent for Windows with Okta Device Access passwordless feature en...

CVE-2024-9191

The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The vulnerability was discovered via routine...

Okta Verify 安全漏洞

Okta Verify is a lightweight application from Okta that allows you to securely access your apps with two-step verification, ensuring that you and only you have access to your app account. A security vulnerability exists in Okta Verify versions 5.0.2 through 5.3.2, which originates in the Windows...

CVE-2024-10327

A vulnerability in Okta Verify for iOS versions 9.25.1 beta and 9.27.0 including beta allows push notification responses through the iOS ContextExtension feature allowing the authentication to proceed regardless of the user’s selection. When a user long-presses the notification banner and selects...

CVE-2024-10327

A vulnerability in Okta Verify for iOS versions 9.25.1 beta and 9.27.0 including beta allows push notification responses through the iOS ContextExtension feature allowing the authentication to proceed regardless of the user’s selection. When a user long-presses the notification banner and selects...

CVE-2024-10327

CVE-2024-10327 affects Okta Verify for iOS 9.25.1 (beta)–9.27.0 (including beta). The vulnerability allows push notification responses via the iOS ContextExtension to authenticate regardless of user choice, across scenarios: locked-screen replies, home-screen drag-and-reply, and Apple Watch repli...

CVE-2024-10327

A vulnerability in Okta Verify for iOS versions 9.25.1 beta and 9.27.0 including beta allows push notification responses through the iOS ContextExtension feature allowing the authentication to proceed regardless of the user’s selection. When a user long-presses the notification banner and selects...

PT-2024-16190

Name of the Vulnerable Software and Affected Versions Okta Verify for iOS versions 9.25.1 beta through 9.27.0 including beta Description A vulnerability in Okta Verify for iOS allows push notification responses through the iOS ContextExtension feature, enabling authentication to proceed regardles...

Okta Verify 安全漏洞

Okta Verify is a lightweight app from Okta that allows you to securely access your apps with two-step verification, ensuring that you and only you have access to your app account. A security vulnerability exists in Okta Verify versions 9.25.1 and 9.27.0, which stems from allowing push notificatio...

CVE-2024-7061

Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5.0.2 or greater...

CVE-2024-7061

Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5.0.2 or greater...

CVE-2024-7061

Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5.0.2 or greater...

CVE-2024-7061

Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5.0.2 or greater...

CVE-2024-7061

CVE-2024-7061 affects Okta Verify for Windows. The issue is a privilege escalation via DLL hijacking in versions prior to 5.0.2. The root cause is improper handling of DLL loading that can be exploited locally with low privileges and no user interaction required, leading to high-impact confidenti...

PT-2024-38050 · Okta · Okta Verify For Windows

Name of the Vulnerable Software and Affected Versions: Okta Verify for Windows versions prior to 5.0.2 Description: The issue concerns a privilege escalation vulnerability through DLL hijacking. The vulnerability is fixed in version 5.0.2. Recommendations: For versions prior to 5.0.2, upgrade to...

Okta Verify 安全漏洞

Okta Verify is a lightweight application from Okta that allows you to securely access your application with two-step verification, ensuring that you and only you have access to your application account. A security vulnerability exists in Okta Verify versions prior to 5.0.2, which stems from...