41 matches found
EUVD-2020-5676
Malware in sbrugna...
EUVD-2020-5672
Malware in sbrugna...
EUVD-2020-5673
Malware in sbrugna...
EUVD-2020-5675
Malware in sbrugna...
EUVD-2020-5674
Malware in sbrugna...
OpenIAM Remote Code Execution Vulnerability
OpenIAM is a fully integrated identity and access management platform. A remote code execution vulnerability exists in OpenIAM versions prior to 4.2.0.3. An attacker can exploit this vulnerability to execute arbitrary code via Groovy Script...
OpenIAM Access Control Error Vulnerability
OpenIAM is a fully integrated identity and access management platform. Vulnerabilities exist in OpenIAM versions prior to 4.2.0.3 due to access control errors in the "Create User", "Modify User Privileges" and "Password Reset" operations. No details of the vulnerabilities are available at this ti...
OpenIAM Cross-Site Scripting Vulnerability
OpenIAM is a fully integrated identity and access management platform. A cross-site scripting vulnerability exists in the "Add New User" feature in OpenIAM versions prior to 4.2.0.3. No details of the vulnerability are available at this time...
OpenIAM Improper Privilege Control Vulnerability
OpenIAM is a fully integrated identity and access management platform. A privilege control impropriety vulnerability exists in OpenIAM versions prior to 4.2.0.3. The vulnerability stems from OpenIAM not verifying that a user has permission to perform /webconsole/rest/api/ administrative operation...
OpenIAM Directory Traversal Vulnerability
OpenIAM is a fully integrated identity and access management platform. A directory traversal vulnerability exists in batch tasks in versions of OpenIAM prior to 4.2.0.3. No detailed vulnerability details are provided at this time...
CVE-2020-13420
OpenIAM before 4.2.0.3 allows remote attackers to execute arbitrary code via Groovy Script...
CVE-2020-13421
OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions, and Password Reset actions...
CVE-2020-13422
OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/ administrative actions...
CVE-2020-13422
OpenIAM before 4.2.0.3 does not verify if a user has permissions to perform /webconsole/rest/api/ administrative actions...
CVE-2020-13420
OpenIAM before 4.2.0.3 allows remote attackers to execute arbitrary code via Groovy Script...
CVE-2020-13421
OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions, and Password Reset actions...
CVE-2020-13419
OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task...
CVE-2020-13419
OpenIAM before 4.2.0.3 allows Directory Traversal in the Batch task...
CVE-2020-13418
OpenIAM before 4.2.0.3 allows XSS in the Add New User feature...
CVE-2020-13418
OpenIAM before 4.2.0.3 allows XSS in the Add New User feature...