Lucene search
+L

267 matches found

CVE
CVE
added 2023/03/23 12:0 a.m.105 views

CVE-2022-36413

Zoho ManageEngine ADSelfService Plus (versions up to 6203) is affected by a brute-force vulnerability that can lead to password resets on IDM applications. The CVE-2022-36413 entry notes a high-severity issue (CVSS v3.1: 9.1, Network, Low attack complexity, No privileges, No user interaction) wit...

9.1CVSS9.1AI score0.03056EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2023/03/01 8:18 a.m.4 views

Malicious Package

Overview middleware-idm-response is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/01/30 11:42 a.m.2 views

Malicious code in middleware-idm-response (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e53def6a72c1048b136965e56c0ffa04def535accfed3f611c3c1f2e3b4d5bec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/01/30 11:42 a.m.10 views

MAL-2023-593 Malicious code in middleware-idm-response (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e53def6a72c1048b136965e56c0ffa04def535accfed3f611c3c1f2e3b4d5bec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/01/30 10:11 a.m.4 views

Malicious code in django-idm-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7500205256afd3e70ea8edbcfa2b5acf17cc55d212296b698b47098c635ef9a9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2023/01/30 10:11 a.m.12 views

MAL-2023-262 Malicious code in django-idm-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7500205256afd3e70ea8edbcfa2b5acf17cc55d212296b698b47098c635ef9a9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
Snyk
Snyk
added 2023/01/29 3:29 p.m.2 views

Malicious Package

Overview django-idm-api is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package wa...

9.8CVSS7.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/01/26 1:42 p.m.5 views

Malicious code in @blk/idm-okta-sdk-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1c20622741e2de2fbe724a0f651ff5d95cf0ca356d60a6793f289802ca53fa02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/24 12:0 a.m.6 views

CVE-2022-26329 File existence disclosue vulnerability in IDM plugin

File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions prior to 4.8.5 on ALL...

1.8CVSS6.8AI score0.00466EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/24 12:0 a.m.25 views

CVE-2022-26329 File existence disclosue vulnerability in IDM plugin

File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This issue affects: Micro Focus NetIQ Identity Manager NetIQ Identity Manager versions prior to 4.8.5 on ALL...

1.8CVSS5.4AI score0.00466EPSS
Exploits0References1
Rockylinux
Rockylinux
added 2023/01/12 8:25 a.m.17 views

client and idm:DL1 bug fix and enhancement update

An update is available for ipa, python-jwcrypto, custodia, bind-dyndb-ldap, python-qrcode, softhsm, slapi-nis, python-yubico, python-kdcproxy, opendnssec, ipa-healthcheck, pyusb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

1.5AI score
Exploits0
Veracode
Veracode
added 2022/11/28 5:56 a.m.29 views

SQL Injection

org.opendaylight.aaa:aaa-idm-store-h2 is vulnerable to SQL Injection attacks. A specifically crafted attack statement through the deleteUser function in UserStore.java allows a malicious user to inject and execute arbitrary SQL queries on the target system, when the /auth/v1/users/ API interface ...

7.5CVSS8.2AI score0.00543EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/11/27 12:0 a.m.38 views

CVE-2022-45930

A SQL injection issue was discovered in AAA in OpenDaylight ODL before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/DomainStore.java deleteDomain function is affected for the /auth/v1/domains/ API interface...

8.2AI score0.00687EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2022/11/08 6:22 a.m.8 views

client and idm:DL1 bug fix and enhancement update

An update is available for ipa, python-jwcrypto, custodia, bind-dyndb-ldap, python-qrcode, softhsm, slapi-nis, python-yubico, python-kdcproxy, opendnssec, ipa-healthcheck, pyusb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

1.8AI score
Exploits0
Cvelist
Cvelist
added 2022/10/03 2:48 p.m.21 views

CVE-2022-42304

An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting idm, nbars, and SLP manager code...

8CVSS10AI score0.00511EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2022/06/27 10:26 a.m.25 views

What Are Shadow IDs, and How Are They Crucial in 2022?

Just before last Christmas, in a first-of-a-kind case, JPMorgan was fined $200M for employees using non-sanctioned applications for communicating about financial strategy. No mention of insider trading, naked shorting, or any malevolence. Just employees circumventing regulation using, well, Shado...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/05/20 12:0 a.m.9 views

The vulnerability of the user interface of the VMware Workspace One Access application management platform, the administration consoles of VMware Identity Manager (vIDM), and the virtual infrastructure management tools of VMware vRealize Automation allows a perpetrator to escalate their privileges.

The vulnerability of the user interface of the VMware Workspace One Access application management platform, as well as the administration consoles of VMware Identity Manager vIDM, and the virtual infrastructure management tool VMware vRealize Automation, is related to the possibility of bypassing...

10CVSS8AI score0.55801EPSS
Exploits3References3
Rockylinux
Rockylinux
added 2022/05/10 8:6 a.m.19 views

client and idm:DL1 bug fix and enhancement update

An update is available for ipa, python-jwcrypto, custodia, bind-dyndb-ldap, python-qrcode, softhsm, slapi-nis, python-yubico, python-kdcproxy, opendnssec, ipa-healthcheck, pyusb. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

1.8AI score
Exploits0
AlmaLinux
AlmaLinux
added 2022/05/10 8:6 a.m.23 views

idm:client and idm:DL1 bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

1.6AI score
Exploits0References1
OSV
OSV
added 2022/05/10 8:6 a.m.4 views

ALEA-2022:1884 idm:client and idm:DL1 bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8AI score
Exploits0References1
Rows per page
Query Builder