Lucene search
K

49 matches found

RedHat Linux
RedHat Linux
added 2026/02/05 6:57 p.m.7 views

Important: Red Hat Security Advisory: Self-service automation portal 2.1 security update

Updated images are now available for Self-service automation portal 2.1, which include new features, bug fixes, and enhancements for Red Hat Ansible Automation Platform integration with Red Hat Developer Hub. Self-service automation portal 2.1 delivers an Ansible-first Red Hat Developer Hub user...

9.8CVSS5.8AI score0.00399EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:36 p.m.11 views

CVE-2023-49706

Defective request context handling in Self Service in LinOTP 3.x before 3.2.5 allows remote unauthenticated attackers to escalate privileges, thereby allowing them to act as and with the permissions of another user. Attackers must generate repeated API requests to trigger a race condition with...

6.8CVSS7.3AI score0.0062EPSS
Exploits0References1
Snyk
Snyk
added 2025/12/10 1:57 a.m.2 views

Malicious Package

Overview self-service-portal-prod is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/03 8:45 p.m.8 views

Malicious code in self-service-portal-prod (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e4de1ac227f5bbfb5b8aead3c1eeccbaeaa77d15ff7575b83b4d7899c380eda The package self-service-portal-prod was found to contain malicious code. Source: ghsa-malware...

7AI score
Exploits0References1
EUVD
EUVD
added 2025/12/03 8:45 p.m.6 views

EUVD-2025-201110

Malicious code in self-service-portal-prod npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/12/03 8:45 p.m.6 views

MAL-2025-192288 Malicious code in self-service-portal-prod (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e4de1ac227f5bbfb5b8aead3c1eeccbaeaa77d15ff7575b83b4d7899c380eda The package self-service-portal-prod was found to contain malicious code. Source: ghsa-malware...

7AI score
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-0926

Malware in sbrugna...

8.1CVSS8AI score0.02155EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-5355

Malware in sbrugna...

7.8CVSS7.9AI score0.00499EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/05/21 5:15 p.m.3 views

CVE-2025-20258

A vulnerability in the self-service portal of Cisco Duo could allow an unauthenticated, remote attacker to inject arbitrary commands into emails that are sent by the service. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting...

5.4CVSS6AI score0.00245EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/21 4:44 p.m.6 views

CVE-2025-20258

A vulnerability in the self-service portal of Cisco Duo could allow an unauthenticated, remote attacker to inject arbitrary commands into emails that are sent by the service. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting...

5.4CVSS5.7AI score0.00245EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/11/04 12:0 a.m.13 views

RHEL 6 : python-django-horizon and python-django-openstack-auth update (Moderate) (RHSA-2015:0845)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0845 advisory. OpenStack Dashboard horizon provides administrators and users a graphical interface to access, provision and automate cloud-based resources. The...

5CVSS5.7AI score0.02864EPSS
Exploits0References7
Hacker One
Hacker One
added 2024/06/08 2:23 p.m.12 views

MTN Group: FULL ACCOUNT TAKEOVER

The selfservice portal at https://mymtn.com.ng/ allowed an attacker to take over any Nigerian MTN phone number. The attacker was able to access the account holder's personal information, such as date of birth and full name. The attacker also had the ability to use any available airtime on the...

7AI score
Exploits0
OSV
OSV
added 2024/04/03 5:15 p.m.4 views

CVE-2023-45552

In VeridiumID before 3.5.0, a stored cross-site scripting XSS vulnerability has been discovered in the admin portal that allows an authenticated attacker to take over all accounts by sending malicious input via the self-service portal...

6.5CVSS5.6AI score0.00346EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/03 12:0 a.m.3 views

VeridiumID 安全漏洞

VeridiumID is an integrated passwordless platform from VeridiumID. A security vulnerability exists in VeridiumID versions prior to 3.5.0. An attacker exploited the vulnerability to take over all accounts by sending malicious input through the self-service portal...

6.5CVSS6.7AI score0.00346EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/04/03 12:0 a.m.17 views

CVE-2023-45552

In VeridiumID before 3.5.0, a stored cross-site scripting XSS vulnerability has been discovered in the admin portal that allows an authenticated attacker to take over all accounts by sending malicious input via the self-service portal...

5.3AI score0.00346EPSS
Exploits0References2
CVE
CVE
added 2024/04/03 12:0 a.m.54 views

CVE-2023-45552

VeridiumID prior to 3.5.0 contains a stored XSS vulnerability in the admin portal that allows an authenticated attacker to take over all accounts by injecting malicious input through the self-service portal. Affected component: VeridiumID admin portal; vulnerability type: stored XSS; impact: acco...

6.5CVSS5.3AI score0.00346EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/03 12:0 a.m.13 views

CVE-2023-45552

In VeridiumID before 3.5.0, a stored cross-site scripting XSS vulnerability has been discovered in the admin portal that allows an authenticated attacker to take over all accounts by sending malicious input via the self-service portal...

5.3AI score0.00346EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/03 12:0 a.m.6 views

PT-2024-13251 · Veridium · Veridiumid

Name of the Vulnerable Software and Affected Versions: VeridiumID versions prior to 3.5.0 Description: A stored cross-site scripting issue has been found in the admin portal of the affected software. This allows an authenticated attacker to potentially take over all accounts by sending malicious...

6.5CVSS6.2AI score0.00346EPSS
Exploits0References3
NVD
NVD
added 2023/12/25 6:15 a.m.25 views

CVE-2023-40236

In Pexip VMR self-service portal before 3, the same SSH host key is used across different customers' installations, which allows authentication bypass...

5.3CVSS0.00387EPSS
Exploits0References1
OSV
OSV
added 2023/12/25 6:15 a.m.3 views

CVE-2023-40236

In Pexip VMR self-service portal before 3, the same SSH host key is used across different customers' installations, which allows authentication bypass...

5.3CVSS5.8AI score0.00387EPSS
Exploits0References1
Rows per page
Query Builder