Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-53137

Malicious code in bioql PyPI...

9.9CVSS9.1AI score0.00647EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 8:35 p.m.7 views

CVE-2022-31122

Wire is an encrypted communication and collaboration platform. Versions prior to 2022-07-12/Chart 4.19.0 are subject to Token Recipient Confusion. If an attacker has certain details of SAML IdP metadata, and configures their own SAML on the same backend, the attacker can delete all SAML...

9.8CVSS6.5AI score0.00599EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 9:20 a.m.6 views

CVE-2024-56404

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference IDOR vulnerability allows privilege escalation. Only On-Premise installations are affected...

9.9CVSS7AI score0.00647EPSS
Exploits0References1
NVD
NVD
added 2025/01/24 6:15 p.m.17 views

CVE-2024-56404

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference IDOR vulnerability allows privilege escalation. Only On-Premise installations are affected...

9.9CVSS0.00647EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/01/24 12:0 a.m.4 views

CVE-2024-56404

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference IDOR vulnerability allows privilege escalation. Only On-Premise installations are affected...

9.9CVSS7AI score0.00647EPSS
Exploits0References3
CVE
CVE
added 2025/01/24 12:0 a.m.70 views

CVE-2024-56404

CVE-2024-56404 – One Identity Identity Manager : Affects One Identity Identity Manager 9.x before 9.3 (On-Premise). The issue is an insecure direct object reference (IDOR) that enables privilege escalation. Reported CVSSv3.1 base score 9.9 (CRITICAL) with network attack vector, low attack complex...

9.9CVSS7AI score0.00647EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/24 12:0 a.m.14 views

CVE-2024-56404

In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference IDOR vulnerability allows privilege escalation. Only On-Premise installations are affected...

9.9CVSS0.00647EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/07/19 12:0 a.m.45 views

CVE-2022-24082

If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running o...

9.8CVSS9.8AI score0.09477EPSS
Exploits5References2
NVD
NVD
added 2021/02/02 8:15 p.m.26 views

CVE-2020-14255

HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. These affect containers only. These do not affect traditional on-premise installations...

7.5CVSS0.01058EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2020/10/08 3:28 p.m.120 views

Microsoft Azure Flaws Open Admin Servers to Takeover

Researchers have disclosed two flaws in Microsoft’s Azure web hosting application service, App Services, which if exploited could enable an attacker to take over administrative servers. Azure App Services is an HTTP-based service for hosting web applications, and is available in both Microsoft...

8.8AI score0.0552EPSS
Exploits1References11
Rows per page
Query Builder