12 matches found
EUVD-2025-29110
Malicious code in bioql PyPI...
EUVD-2025-21947
Malicious code in bioql PyPI...
CVE-2025-52924
In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header...
CVE-2025-52924
In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header...
CVE-2025-52924
In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header...
PT-2025-30108 · One Identity · Onelogin
Name of the Vulnerable Software and Affected Versions: One Identity OneLogin versions prior to 2025.2.0 Description: The SQL connection “application name” is set based on the value of an untrusted X-RequestId HTTP request header. Recommendations: Update One Identity OneLogin to version 2025.2.0 o...
One Identity OneLogin SQL注入漏洞
One Identity OneLogin is an identity and access management software from US-based One Identity. An SQL injection vulnerability exists in One Identity OneLogin versions prior to 2025.2.0, which stems from an improperly set SQL connection application name that could lead to information disclosure...
CVE-2025-52925
In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the DirectoryToken was mishandled, aka ST-812...
CVE-2025-52925
In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the DirectoryToken was mishandled, aka ST-812...
CVE-2025-52925
In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the DirectoryToken was mishandled, aka ST-812...
CVE-2025-52925
The vulnerability CVE-2025-52925 affects One Identity OneLogin Active Directory Connector versions prior to 6.1.5, where DirectoryToken encryption was mishandled (aka ST-812). Affected component: the connector’s encryption handling of DirectoryToken. Reported impact is limited to the mismanagemen...
One Identity OneLogin AD Connector 安全漏洞
One Identity OneLogin AD Connector is a connector software from One Identity USA. A security vulnerability exists in One Identity OneLogin AD Connector versions prior to 6.1.5, which stems from a JWT signing key disclosure leading to an authentication bypass...