15 matches found
EUVD-2023-47095
Malicious code in bioql PyPI...
EUVD-2022-28261
Malicious code in bioql PyPI...
CVE-2025-20264
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms fo...
CVE-2025-20264 Cisco Identity Services Engine Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms fo...
CVE-2025-20264
Cisco ISE (Identity Services Engine) is affected by CVE-2025-20264, a vulnerability in the web-based management interface that allows an authenticated remote attacker to bypass authorization for specific administrative functions. The root cause is insufficient authorization enforcement for users ...
Cisco Identity Services Engine Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms fo...
Cisco Identity Services Engine (cisco-sa-ise-auth-bypass-mVfKVQAU)
According to its self-reported version, Cisco ISE is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative function...
BIT-ARTIFACTORY-2023-42662
JFrog Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, 7.71.8 are vulnerable to an issue whereby user interaction with specially crafted URLs could lead to exposure of user access tokens due to improper handling of the CLI / IDE browser based SSO integration...
CVE-2023-42662
JFrog Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, 7.71.8 are vulnerable to an issue whereby user interaction with specially crafted URLs could lead to exposure of user access tokens due to improper handling of the CLI / IDE browser based SSO integration...
CVE-2023-42662
CVE-2023-42662 (JFrog Artifactory) affects Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, and 7.71.8. The issue arises from improper handling of the CLI/IDE browser-based SSO integration, allowing user interaction with specially crafted URLs to expose user access tokens...
Argo CD Insecure default administrative password
In Argo CD versions 1.8.0 and prior, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names...
GHSA-H8JC-JMRF-9H8F Argo CD Insecure default administrative password
In Argo CD versions 1.8.0 and prior, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names...
CVE-2021-3034
An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on (SSO) integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the...
CVE-2021-3034
CVE-2021-3034 affects Cortex XSOAR, where secrets for the SAML SSO integration can be logged into /var/log/demisto during setup testing. The vulnerability exposes private keys and the identity provider certificate due to log file leakage. Affected versions include Cortex XSOAR 5.5.0 builds earlie...
Stable Channel Update for Chrome OS
The Stable channel has been updated to 62.0.3202.74 (Platform version: 9901.54.0/1) for most Chrome OS devices. This build contains a number of bug fixes and security updates. Systems will be receiving updates over the next several days. New Features Kerberos SSO integration for Active Directory...