Lucene search
K

13 matches found

NVD
NVD
added 2026/04/29 6:16 p.m.5 views

CVE-2026-5712

This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing...

8.8CVSS0.00163EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/29 5:18 p.m.4 views

EUVD-2026-26260

This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing...

8CVSS5.3AI score0.00163EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/15 9:30 p.m.4 views

EUVD-2026-23007

IdentityIQ 8.5, all IdentityIQ 8.5 patch levels prior to 8.5p2, IdentityIQ 8.4, and all IdentityIQ 8.4 patch levels prior to 8.4p4 allow authenticated users assigned the Debug Pages Read Only capability or any custom capability with the ViewAccessDebugPage SPRight to incorrectly create new...

8.4CVSS5.8AI score0.00269EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.8 views

SailPoint IdentityIQ 安全漏洞

SailPoint IdentityIQ is a security software developed by SailPoint Corporation. It provides credit monitoring, identity protection, and antivirus features. There are security vulnerabilities in versions of SailPoint IdentityIQ prior to version 8.5p2, 8.4, and 8.4p4. These vulnerabilities stem fro...

8.4CVSS5.8AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:9 a.m.20 views

CVE-2024-2227

This vulnerability allows access to arbitrary files in the application server file system due to a path traversal vulnerability in JavaServer Faces JSF 2.2.20 documented in CVE-2020-6950. The remediation for this vulnerability contained in this security fix provides additional changes to the...

10CVSS6.8AI score0.10124EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-33546

Malicious code in bioql PyPI...

10CVSS9.1AI score0.00954EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-36475

Malicious code in bioql PyPI...

9CVSS8.5AI score0.00628EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:46 a.m.6 views

CVE-2023-32217

IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p3, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p6, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6 allow an authenticated user to invoke a Java constructor with no arguments...

9CVSS8.2AI score0.00628EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:47 p.m.7 views

CVE-2022-45435

IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6, and all prior versions allow authenticated users assigned the Identity...

6.8CVSS6.7AI score0.00392EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/12/04 5:8 a.m.19 views

Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access

A critical security vulnerability has been disclosed in SailPoint's IdentityIQ identity and access management IAM software that allows unauthorized access to content stored within the application directory. The flaw, tracked as CVE-2024-10905 , has a CVSS score of 10.0, indicating maximum severit...

10CVSS9.3AI score0.00954EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/03/22 3:50 p.m.16 views

CVE-2024-2228 IdentityIQ Authorization of QuickLink Target Identities Vulnerability

This vulnerability allows an authenticated user to perform a Lifecycle Manager flow or other QuickLink for a target user outside of the defined QuickLink Population...

7.1CVSS6.7AI score0.00387EPSS
Exploits0References1
NCSC
NCSC
added 2023/06/05 12:0 a.m.4 views

Vulnerability fixed in Sailpoint IdentityIQ

Sailpoint has fixed a vulnerability in IdentityIQ. A authenticated malicious person could exploit the vulnerability to execute arbitrary code in the application, potentially gain access to user credentials and authorization information. Sailpoint has released updates to fix the vulnerability in a...

9CVSS7.3AI score0.00628EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/01/31 12:0 a.m.11 views

CVE-2022-46835 SailPoint IdentityIQ JavaServer File Path Traversal Vulnerability

IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p2, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p5, IdentityIQ 8.1 and all 8.1 patch levels prior to 8.1p7, IdentityIQ 8.0 and all 8.0 patch levels prior to 8.0p6 allow access to arbitrary files in the application server filesystem due t...

8.8CVSS8.6AI score0.00935EPSS
Exploits0References1
Rows per page
Query Builder