6 matches found
EUVD-2023-34238
Malicious code in bioql PyPI...
Keycloak phishing attack via email verification step in first login flow
There is a flaw with the first login flow where, during a IdP login, an attacker with a registered account can initiate the process to merge accounts with an existing victim's account. The attacker will subsequently be prompted to "review profile" information, which allows the the attacker to...
CVE-2024-53647
Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an attacker to send an unlimited number of email verification requests without any restriction, potentially leading to abuse or denial of service...
CVE-2024-43416
GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17, an unauthenticated user can use an application endpoint to check if an email address corresponds to a valid GLPI user. Version 10.0.17 fixes the issue...
CVE-2024-53647
CVE-2024-53647 affects Trend Micro ID Security, version 3.0 and below. The vulnerability permits an attacker to send an unlimited number of email verification requests without restriction, which could enable abuse or denial of service. The available sources consistently describe the issue as an a...
CVE-2024-53647
Trend Micro ID Security, version 3.0 and below contains a vulnerability that could allow an attacker to send an unlimited number of email verification requests without any restriction, potentially leading to abuse or denial of service...