IBM Data Risk Manager - Authentication Bypass via SAML

IBM Data Risk Manager versions 2.0.1 through 2.0.6 are vulnerable to authentication bypass when configured with SAML authentication. A remote attacker can bypass security restrictions by sending a specially crafted HTTP request to the SAML idpSelection endpoint, allowing them to bypass the...

EUVD-2020-25865

Malware in sbrugna...

EUVD-2020-25858

Malware in sbrugna...

EUVD-2020-25869

Malware in sbrugna...

EUVD-2021-25348

Malware in sbrugna...

EUVD-2020-25864

Malware in sbrugna...

EUVD-2020-25863

Malware in sbrugna...

EUVD-2020-25860

Malware in sbrugna...

EUVD-2021-16386

Malware in sbrugna...

EUVD-2020-25859

Malware in sbrugna...

EUVD-2014-4751

Malware in sbrugna...

EUVD-2020-25862

Malware in sbrugna...

EUVD-2020-25861

Malware in sbrugna...

EUVD-2020-25867

Malware in sbrugna...

EUVD-2020-25866

Malware in sbrugna...

EUVD-2020-25868

Malware in sbrugna...

EUVD-2023-30791

Malicious code in bioql PyPI...

VulnCheck KEV: CVE-2020-4429

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password for an IDRM administrative account. A remote attacker could exploit this vulnerability to login and execute arbitrary code on the system with root privileges. IBM X-Force ID: 180534...

CVE-2024-48569

Proactive Risk Manager version 9.1.1.0 is affected by multiple Cross-Site Scripting XSS vulnerabilities in the add/edit form fields, at the urls starting with the subpaths: /ar/config/configuation/ and /ar/config/risk-strategy-control/...

CVE-2023-27001

An issue discovered in Egerie Risk Manager v4.0.5 allows attackers to bypass the signature mechanism and tamper with the values inside the JWT payload resulting in privilege escalation...