Omnissa Workspace ONE UEM Multiple Vulnerabilities (OMSA-2025-0004)

The version of Workspace ONE UEM console running on the remote host is affected by multiple vulnerabilities, as follows: - Omnissa Workspace ONE UEM contains a Server-Side Request Forgery SSRF Vulnerability. A malicious actor with user privileges may be able to access restricted internal system...

PT-2025-32561

Name of the Vulnerable Software and Affected Versions Omnissa Workspace ONE UEM affected versions not specified Description Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal vulnerability. A malicious actor may be able to gain access to sensitive information by sending crafted...

PT-2024-19277 · Edx · Open Edx Platform

Name of the Vulnerable Software and Affected Versions: Open edX Platform versions prior to the version containing commit 019888f Description: The issue affects the Open edX Platform, a service-oriented platform for authoring and delivering online learning. A user with a JWT and limited scopes cou...

CVE-2020-14388

A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API's admin portal were not properly enforced. This flaw allows an authenticated user to bypass normal account restrictions and access API services where they do not have permission...

CVE-2017-3869

An API Credentials Management vulnerability in the APIs for Cisco Prime Infrastructure could allow an authenticated, remote attacker to access an API that should be restricted to a privileged user. The attacker needs to have valid credentials. More Information: CSCuy36192. Known Affected Releases...