CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/05/23 10:4 a.m.•2 views

CVE-2024-0980

The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code...

7.1CVSS7.6AI score0.00075EPSS

Exploits0References1

NVD•added 2024/11/01 10:15 p.m.•13 views

CVE-2024-9191

The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The vulnerability was discovered via routine...

7.8CVSS0.00237EPSS

Exploits0References2

CVE•added 2024/11/01 9:21 p.m.•51 views

CVE-2024-9191

The CVE concerns Okta Verify on Windows where the Device Access feature exposes the OktaDeviceAccessPipe, enabling a compromised device user to retrieve passwords for Desktop MFA passwordless logins. Affected component: Okta Verify agent for Windows with Okta Device Access passwordless feature en...

7.8CVSS6.9AI score0.00237EPSS

Exploits0References2Affected Software1

NVD•added 2024/10/24 9:15 p.m.•5 views

CVE-2024-10327

A vulnerability in Okta Verify for iOS versions 9.25.1 beta and 9.27.0 including beta allows push notification responses through the iOS ContextExtension feature allowing the authentication to proceed regardless of the user’s selection. When a user long-presses the notification banner and selects...

8.1CVSS0.0011EPSS

Exploits0References2

CVE•added 2024/10/24 8:17 p.m.•38 views

CVE-2024-10327

CVE-2024-10327 affects Okta Verify for iOS 9.25.1 (beta)–9.27.0 (including beta). The vulnerability allows push notification responses via the iOS ContextExtension to authenticate regardless of user choice, across scenarios: locked-screen replies, home-screen drag-and-reply, and Apple Watch repli...

8.1CVSS6.4AI score0.0011EPSS

Exploits0References2

Vulnrichment•added 2024/10/24 8:17 p.m.•9 views

CVE-2024-10327

8.1CVSS6.6AI score0.0011EPSS

Exploits0References2

NVD•added 2024/08/07 5:15 p.m.•12 views

CVE-2024-7061

Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5.0.2 or greater...

7.8CVSS0.00132EPSS

Exploits0References2

NVD•added 2024/03/28 12:15 a.m.•8 views

CVE-2024-0980

The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code...

7.1CVSS7.3AI score0.00075EPSS

Exploits0References1

CVE•added 2024/03/27 11:16 p.m.•56 views

CVE-2024-0980

The CVE-2024-0980 issue affects Okta Verify for Windows’ auto-update service. Two flaws, when combined, could allow arbitrary code execution. Documented impact indicates high severity (AV: Adjacent, AC: High, PR: Low, UI: None, S: Unchanged, C/H/I/A: High). Details across connected sources confir...

7.1CVSS7.6AI score0.00075EPSS

Exploits0References1

Vulnrichment•added 2024/03/27 11:16 p.m.•7 views

CVE-2024-0980

The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code...

7.6AI score0.00075EPSS

Exploits0References1