Lucene search
+L

112 matches found

Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.3 views

PT-2025-48758

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.41 Description A use after free issue exists in Digital Credentials within Google Chrome. This flaw could allow a remote attacker who has already compromised the renderer process to potentially exploi...

10CVSS6.8AI score0.00393EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2025/10/15 12:0 a.m.5 views

PT-2025-54581

Name of the Vulnerable Software and Affected Versions Google Chrome affected versions not specified Description A flaw exists in the Digital Credentials component of the Google Chrome browser due to improper restriction of rendered user interface layers. Remote attackers may be able to compromise...

5CVSS5.4AI score0.00168EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.5 views

The vulnerability of the IBM Verify Identity Access Digital Credentials access control system lies in the absence of a reference to an active, allocated resource. This allows attackers to trigger a service failure.

The vulnerability of the IBM Verify Identity Access Digital Credentials access control system lies in the absence of a reference to an active, allocated resource. Exploiting this vulnerability could allow a malicious actor, operating remotely, to trigger a service failure using a specially create...

4.3CVSS5.5AI score0.00295EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.7 views

The vulnerability of the IBM Verify Identity Access Digital Credentials access control system lies in the shortcomings of its error reporting mechanism, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Verify Identity Access Digital Credentials access control system is related to deficiencies in the error reporting mechanism. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.5AI score0.00273EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/06/06 2:15 a.m.11 views

CVE-2024-56343

IBM Verify Identity Access Digital Credentials 24.06 could allow an authenticated user to crash the service with a specially crafted POST request...

6.5CVSS0.00295EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/06 1:28 a.m.10 views

CVE-2024-56343 IBM Verify Identity Access Digital Credentials denial of service

IBM Verify Identity Access Digital Credentials 24.06 could allow an authenticated user to crash the service with a specially crafted POST request...

4.3CVSS4.7AI score0.00295EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.5 views

IBM Verify Identity Access Digital Credentials 安全漏洞

IBM Verify Identity Access Digital Credentials is a rights management system from International Business Machines IBM. A security vulnerability exists in IBM Verify Identity Access Digital Credentials version 24.06 that originates from a specially crafted POST request and could cause the service ...

6.5CVSS6.3AI score0.00295EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.4 views

IBM Verify Identity Access Digital Credentials 安全漏洞

IBM Verify Identity Access Digital Credentials is a rights management system from International Business Machines IBM. A security vulnerability exists in IBM Verify Identity Access Digital Credentials version 24.06, which stems from an error message disclosure that could lead to access to sensiti...

5.3CVSS6.1AI score0.00273EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/04 12:0 a.m.12 views

PT-2025-23998 · Ibm · Ibm Verify Identity Access Digital Credentials

Name of the Vulnerable Software and Affected Versions: IBM Verify Identity Access Digital Credentials version 24.06 Description: The issue allows an authenticated user to crash the service by sending a specially crafted POST request. This could potentially lead to a denial-of-service condition...

6.5CVSS6.1AI score0.00295EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/04/16 12:0 a.m.4 views

Accredible 安全漏洞

Accredible is a world-leading digital credentialing platform from Accredible, Inc. that provides digital badges and digital certificates. Accredible has a security vulnerability that stems from allowing an insecure direct object reference attack that can lead to information disclosure...

7.5CVSS6.5AI score0.00357EPSS
Exploits0References3
Schneier on Security
Schneier on Security
added 2022/06/28 11:22 a.m.17 views

When Security Locks You Out of Everything

Thought experiment story of someone who lost everything in a house fire, and now cant log into anything: But to get into my cloud, I need my password and 2FA. And even if I could convince the cloud provider to bypass that and let me in, the backup is secured with a password which is stored in--yo...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2011/05/26 6:28 a.m.13 views

Internet Explorer vulnerable to Cookie-jacking

Internet Explorer vulnerable to Cookie-jacking A security researcher has devised an attack that remotely steals digital credentials used to access user accounts on Facebook and other websites by exploiting a flaw in Microsoft's Internet Explorer browser. Independent researcher Rosario Valotta...

7.1AI score
Exploits0
Rows per page
Query Builder