Lucene search
+L

29 matches found

vulnersosv
vulnersosv
added 2024/05/03 6:30 p.m.10 views

com.srcclr:srcclr-maven-plugin (>=3.1.23 <=3.1.25), org.keycloak:keycloak-crypto-fips1402 (>=19.0.0 <=25.0.6) +17 more potentially affected by CVE-2024-34447 via org.bouncycastle:bctls-fips (>=1.0.12.2 <=1.0.18)

org.bouncycastle:bctls-fips MAVEN version =1.0.12.2, =3.1.23, =19.0.0, =14.7.0.0, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.5.1, =4.6.3 and more Source cves: CVE-2024-34447 Source advisory:...

7.5CVSS6.7AI score0.0077EPSS
Exploits0
bdu_fstec
bdu_fstec
added 2023/05/10 12:0 a.m.6 views

The vulnerability of the connection method to the LDAP server lies in the LDAP connector of the Java Remote Connector Server (RCS) and the OpenIDM identity management system. This vulnerability stems from the lack of protection for the transmitted data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the LDAP connection method lies in the lack of protection for the data transmitted. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information...

7.8CVSS7.2AI score0.00347EPSS
Exploits0References3Affected Software1
cnnvd
cnnvd
added 2023/03/29 12:0 a.m.6 views

OpenIDM 安全漏洞

ForgeRock OpenIDM is an identity management system from ForgeRock Inc. in the United States. A security vulnerability exists in OpenIDM versions 1.5.20.9 through 1.5.20.13, which stems from the presence of a sensitive information plaintext transfer vulnerability...

7.5CVSS7.3AI score0.00347EPSS
Exploits0References4
cnnvd
cnnvd
added 2023/01/26 12:0 a.m.7 views

Jenkins Plugin OpenID 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

8.8CVSS7.9AI score0.00556EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2021/10/27 12:0 a.m.7 views

The vulnerability of the implementation of the OpenID standard for decentralized authentication systems lies in errors in the code for generating pseudo-random numbers. This allows a perpetrator to disclose the protected information.

The vulnerability of the OpenID decentralized authentication standard implementation is related to errors in the code of the pseudorandom number generator. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...

5.9CVSS6.7AI score0.03951EPSS
Exploits1References3
osv
osv
added 2021/08/09 9:15 p.m.3 views

CVE-2021-21584

Dell OpenManage Enterprise version 3.5 and OpenManage Enterprise-Modular version 1.30.00 contain an information disclosure vulnerability. An authenticated low privileged attacker may potentially exploit this vulnerability leading to disclosure of the OIDC server credentials...

6.5CVSS5.8AI score0.0081EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2017/03/31 12:0 a.m.7 views

The vulnerability of WebSphere Application Server for application servers allows attackers to increase their privileges.

The vulnerability of OIDC components and TAI server components of WebSphere Application Server is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

6.8CVSS7.4AI score0.02237EPSS
Exploits0References3Affected Software1
osv
osv
added 2014/01/24 6:55 p.m.2 views

UBUNTU-CVE-2014-1475

The OpenID module in Drupal 6.x before 6.30 and 7.x before 7.26 allows remote OpenID users to authenticate as other users via unspecified vectors...

7.5CVSS5.8AI score0.01526EPSS
Exploits0References4
osv
osv
added 2008/06/03 3:32 p.m.10 views

DEBIAN-CVE-2008-0169

Plugin/passwordauth.pm aka the passwordauth plugin in ikiwiki 1.34 through 2.47 allows remote attackers to bypass authentication, and login to any account for which an OpenID identity is configured and a password is not configured, by specifying an empty password during the login sequence...

6.8CVSS9.3AI score0.01576EPSS
Exploits1References1
Rows per page
Query Builder