Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2025-29110

Malicious code in bioql PyPI...

7.7CVSS6.8AI score0.00303EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-21947

Malicious code in bioql PyPI...

4CVSS6.6AI score0.00245EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/07/21 12:8 a.m.12 views

CVE-2025-52924

In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header...

4CVSS7.2AI score0.00245EPSS
Exploits0References1
NVD
NVD
added 2025/07/19 3:15 a.m.5 views

CVE-2025-52924

In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header...

4CVSS0.00245EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/19 12:0 a.m.3 views

CVE-2025-52924

In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header...

4CVSS7AI score0.00245EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/19 12:0 a.m.4 views

PT-2025-30108 · One Identity · Onelogin

Name of the Vulnerable Software and Affected Versions: One Identity OneLogin versions prior to 2025.2.0 Description: The SQL connection “application name” is set based on the value of an untrusted X-RequestId HTTP request header. Recommendations: Update One Identity OneLogin to version 2025.2.0 o...

4CVSS7AI score0.00245EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/07/19 12:0 a.m.3 views

One Identity OneLogin SQL注入漏洞

One Identity OneLogin is an identity and access management software from US-based One Identity. An SQL injection vulnerability exists in One Identity OneLogin versions prior to 2025.2.0, which stems from an improperly set SQL connection application name that could lead to information disclosure...

4CVSS7.4AI score0.00245EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/04 12:23 a.m.7 views

CVE-2025-52925

In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the DirectoryToken was mishandled, aka ST-812...

5CVSS7.2AI score0.00141EPSS
Exploits0References1
NVD
NVD
added 2025/07/02 4:15 a.m.5 views

CVE-2025-52925

In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the DirectoryToken was mishandled, aka ST-812...

5CVSS0.00141EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/02 12:0 a.m.6 views

CVE-2025-52925

In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the DirectoryToken was mishandled, aka ST-812...

5CVSS7.2AI score0.00141EPSS
Exploits0References2
CVE
CVE
added 2025/07/02 12:0 a.m.19 views

CVE-2025-52925

The vulnerability CVE-2025-52925 affects One Identity OneLogin Active Directory Connector versions prior to 6.1.5, where DirectoryToken encryption was mishandled (aka ST-812). Affected component: the connector’s encryption handling of DirectoryToken. Reported impact is limited to the mismanagemen...

5CVSS6.7AI score0.00141EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/01 12:0 a.m.5 views

One Identity OneLogin AD Connector 安全漏洞

One Identity OneLogin AD Connector is a connector software from One Identity USA. A security vulnerability exists in One Identity OneLogin AD Connector versions prior to 6.1.5, which stems from a JWT signing key disclosure leading to an authentication bypass...

10CVSS6.6AI score0.00535EPSS
Exploits0References4
Rows per page
Query Builder