Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-3383

Malware in sbrugna...

4CVSS6.4AI score0.01325EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-0194

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00623EPSS
Exploits1References7
OSV
OSV
added 2025/07/22 2:31 p.m.5 views

GHSA-9G4J-V8W5-7X42 Authentik has insufficient check for account active status when authenticating with OAuth/SAML Sources

Summary Deactivated users that had either enrolled via OAuth/SAML or had their account connected to an OAuth/SAML account can still partially access authentik even if their account is deactivated. They end up in a half-authenticated state where they cannot access the API but crucially they can...

7.1CVSS6.3AI score0.00489EPSS
Exploits0References6
NVD
NVD
added 2024/09/20 12:15 a.m.26 views

CVE-2024-47000

Zitadel is an open source identity management platform. ZITADEL's user account deactivation mechanism did not work correctly with service accounts. Deactivated service accounts retained the ability to request tokens, which could lead to unauthorized access to applications and resources. Versions...

8.1CVSS0.00411EPSS
Exploits0References1
CVE
CVE
added 2024/09/19 11:10 p.m.67 views

CVE-2024-47000

Zitadel CVE-2024-47000 affects service accounts: deactivating a service account could still allow token requests, enabling potential unauthorized access. Affected releases include 2.54.10 through 2.62.1 (various 2.x lines); fixes are in 2.62.1, 2.61.1, 2.60.2, 2.59.3, 2.58.5, 2.57.5, 2.56.6, 2.55...

8.1CVSS8AI score0.00411EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder