10 matches found

Positive Technologies
added 2025/11/12 12:0 a.m., 3 views

PT-2025-46699

Name of the Vulnerable Software and Affected Versions: Open Access Management OpenAM versions prior to 16.0.0. Description: Open Access Management OpenAM contains a flaw where, if the claims parameter supported parameter is enabled, the "oidc-claims-extension.groovy" script allows injection of...

CVSS 9.3 | AI score 7.1 | EPSS 0.00055
Exploits: 0 | References: 8
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2019-15484

Malware in sbrugna...

CVSS 6.1 | AI score 6.3 | EPSS 0.00272
Exploits: 0 | References: 4
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2014-7117

Malware in sbrugna...

CVSS 3.5 | AI score 6.4 | EPSS 0.0048
Exploits: 0 | References: 5
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-2513

Malware in sbrugna...

CVSS 8.1 | AI score 7.1 | EPSS 0.00966
Exploits: 0 | References: 4
CNNVD
added 2024/07/24 12:0 a.m., 2 views

OpenAM security vulnerability

OpenAM is an all-in-one access management solution organized by the OpenAM Consortium. It provides authentication, authorization, delegation and federation capabilities. A security vulnerability exists in OpenAM version 15.0.3 and earlier versions, which stems from vulnerability to template...

CVSS 8.8 | AI score 6.8 | EPSS 0.74311
Exploits: 0 | References: 3
OSV
added 2023/07/20 6:54 p.m., 2 views

GHSA-4MH8-9WQ6-RJXG OpenAM vulnerable to user impersonation using SAMLv1.x SSO process

Impact: OpenAM up to version 14.7.2 does not properly validate the signature of SAML responses received as part of the SAMLv1.x Single Sign-On process. Attackers can use this fact to impersonate any OpenAM user, including the administrator, by sending a specially crafted SAML response to the...

CVSS 9.1 | AI score 5.7 | EPSS 0.01608
Exploits: 0 | References: 5
Information Security Automation
added 2021/07/19 4:29 p.m., 341 views

Last Week’s Security news: Exploits for ForgeRock, vSphere, Apache Tomcat, new Print Spooler vuln, Kaseya Patch and REvil, SolarWinds, Schneider Electric, Bulletins

Hello guys! The fourth episode of Last Week’s Security news, July 12 – July 18. I would like to start with some new public exploits. I think these 4 are the most interesting. If you remember, 2 weeks ago I mentioned the ForgeRock Access Manager and OpenAM vulnerability CVE-2021-35464. Now there i...

CVSS 10 | AI score 9.6 | EPSS 0.94412
Exploits: 31
Tenable Nessus
added 2021/06/30 12:0 a.m., 55 views

ForgeRock OpenAM < 7.0 Remote Code Execution

ForgeRock OpenAM is a popular access management software which is used to provide single sign-on SSO features to web applications. ForgeRock OpenAM versions below 7.0 suffer from a deserialization vulnerability, allowing a remote unauthenticated attacker to perform remote code execution on the...

CVSS 10 | AI score 10 | EPSS 0.94386
Exploits: 8 | References: 3
OSV
added 2021/03/25 9:15 a.m., 0 views

CVE-2021-29156

ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger protocol. For example, an unauthenticated attacker can perform character-by-character retrieval of password hashes, or retrieve a session token or a private key...

CVSS 7.5 | AI score 7.1 | EPSS 0.88708
Exploits: 5 | References: 2
OSV
added 2019/02/13 6:29 p.m., 1 views

CVE-2018-0696

OpenAM Open Source Edition 13.0 and later does not properly manage sessions, which allows remote authenticated attackers to change the security questions and reset the login password via unspecified vectors...

CVSS 7.5 | AI score 5.8 | EPSS 0.00248
Exploits: 0 | References: 3