10 matches found
EUVD-2024-53137
Malicious code in bioql PyPI...
CVE-2022-31122
Wire is an encrypted communication and collaboration platform. Versions prior to 2022-07-12/Chart 4.19.0 are subject to Token Recipient Confusion. If an attacker has certain details of SAML IdP metadata, and configures their own SAML on the same backend, the attacker can delete all SAML...
CVE-2024-56404
In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference IDOR vulnerability allows privilege escalation. Only On-Premise installations are affected...
CVE-2024-56404
In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference IDOR vulnerability allows privilege escalation. Only On-Premise installations are affected...
CVE-2024-56404
In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference IDOR vulnerability allows privilege escalation. Only On-Premise installations are affected...
CVE-2024-56404
CVE-2024-56404 – One Identity Identity Manager : Affects One Identity Identity Manager 9.x before 9.3 (On-Premise). The issue is an insecure direct object reference (IDOR) that enables privilege escalation. Reported CVSSv3.1 base score 9.9 (CRITICAL) with network attack vector, low attack complex...
CVE-2024-56404
In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference IDOR vulnerability allows privilege escalation. Only On-Premise installations are affected...
CVE-2022-24082
If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to upload serialized payloads to attack the underlying system. This does not affect systems running o...
CVE-2020-14255
HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. These affect containers only. These do not affect traditional on-premise installations...
Microsoft Azure Flaws Open Admin Servers to Takeover
Researchers have disclosed two flaws in Microsoft’s Azure web hosting application service, App Services, which if exploited could enable an attacker to take over administrative servers. Azure App Services is an HTTP-based service for hosting web applications, and is available in both Microsoft...