29 matches found
com.srcclr:srcclr-maven-plugin (>=3.1.23 <=3.1.25), org.keycloak:keycloak-crypto-fips1402 (>=19.0.0 <=25.0.6) +17 more potentially affected by CVE-2024-34447 via org.bouncycastle:bctls-fips (>=1.0.12.2 <=1.0.18)
org.bouncycastle:bctls-fips MAVEN version =1.0.12.2, =3.1.23, =19.0.0, =14.7.0.0, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.6.3 and more Source cves: CVE-2024-34447 Source advisory:...
The vulnerability of the connection method to the LDAP server lies in the LDAP connector of the Java Remote Connector Server (RCS) and the OpenIDM identity management system. This vulnerability stems from the lack of protection for the transmitted data, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the LDAP connection method lies in the lack of protection for the data transmitted. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information...
OpenIDM 安全漏洞
ForgeRock OpenIDM is an identity management system from ForgeRock Inc. in the United States. A security vulnerability exists in OpenIDM versions 1.5.20.9 through 1.5.20.13, which stems from the presence of a sensitive information plaintext transfer vulnerability...
Jenkins Plugin OpenID 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
The vulnerability of the implementation of the OpenID standard for decentralized authentication systems lies in errors in the code for generating pseudo-random numbers. This allows a perpetrator to disclose the protected information.
The vulnerability of the OpenID decentralized authentication standard implementation is related to errors in the code of the pseudorandom number generator. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...
CVE-2021-21584
Dell OpenManage Enterprise version 3.5 and OpenManage Enterprise-Modular version 1.30.00 contain an information disclosure vulnerability. An authenticated low privileged attacker may potentially exploit this vulnerability leading to disclosure of the OIDC server credentials...
The vulnerability of WebSphere Application Server for application servers allows attackers to increase their privileges.
The vulnerability of OIDC components and TAI server components of WebSphere Application Server is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...
UBUNTU-CVE-2014-1475
The OpenID module in Drupal 6.x before 6.30 and 7.x before 7.26 allows remote OpenID users to authenticate as other users via unspecified vectors...
DEBIAN-CVE-2008-0169
Plugin/passwordauth.pm aka the passwordauth plugin in ikiwiki 1.34 through 2.47 allows remote attackers to bypass authentication, and login to any account for which an OpenID identity is configured and a password is not configured, by specifying an empty password during the login sequence...