Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
access manager vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2017-1476
IBM Security Access Manager Appliance 7.0.0, 8.0.0 up to and including 8.0.1.6, and 9.0.0 up to and including 9.0.3.1 could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could ex...
Ibm Security Access Manager
Ibm Security Access Manager For Web
Ibm Security Access Manager For Mobile
312
VMScore
CVE-2016-7467
The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authenticatio...
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.5.4
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
356
VMScore
CVE-2016-3687
Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, and 11.6.x prior to 11.6.0 HF6 and Edge Gateway 11.2.1, when using multi-domain single sign-on (SSO), allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a bas...
F5 Big-ip Access Policy Manager 11.5.4
F5 Big-ip Access Policy Manager 11.5.3
F5 Big-ip Access Policy Manager 11.5.2
F5 Big-ip Access Policy Manager 11.5.1
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.5.0
F5 Big-ip Access Policy Manager 11.4.0
F5 Big-ip Access Policy Manager 11.4.1
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Edge Gateway 11.2.1
445
VMScore
CVE-2015-5010
IBM Security Access Manager for Web 7.0 prior to 7.0.0 IF21, 8.0 prior to 8.0.1.3 IF4, and 9.0 prior to 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote malicious users to obtain access via a brute-force attack.
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.9
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.8
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.7
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.6
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.18
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.19
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.20
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.12
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.15
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.13
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.5
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.3
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.17
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.11
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2
Ibm Security Access Manager 9.0 Firmware 9.0.0
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.16
606
VMScore
CVE-2018-2879
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via H...
Oracle Access Manager 11.1.2.3.0
Oracle Access Manager 12.2.1.3.0
3 Github repositories
1 Article
436
VMScore
CVE-2020-2740
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to c...
Oracle Access Manager 11.1.2.3.0
Oracle Access Manager 12.2.1.3.0
187
VMScore
CVE-2016-5749
NetIQ Access Manager 4.1 prior to 4.1.2 HF 1 and 4.2 prior to 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML External Entity (XXE) attack.
Netiq Access Manager 4.1
Netiq Access Manager 4.2
578
VMScore
CVE-2016-5750
The certificate upload feature in iManager in NetIQ Access Manager 4.1 prior to 4.1.2 Hot Fix 1 and 4.2 prior to 4.2.2 could be used to upload JSP pages that would be executed as the iManager user, allowing code execution by logged-in remote users.
Netiq Access Manager 4.1
Netiq Access Manager 4.2
383
VMScore
CVE-2016-5751
An unfiltered finalizer target URL in the SAML processing feature in Identity Server in NetIQ Access Manager 4.1 prior to 4.1.2 HF1 and 4.2 prior to 4.2.2 could be used to trigger XSS and leak authentication credentials.
Netiq Access Manager 4.1
Netiq Access Manager 4.2
445
VMScore
CVE-2016-5752
The SAML2 implementation in Identity Server in NetIQ Access Manager 4.1 prior to 4.1.2 HF1 and 4.2 prior to 4.2.2 was handling unsigned SAML requests incorrectly, leaking results to a potentially malicious "Assertion Consumer Service URL" instead of the original request...
Netiq Access Manager 4.1
Netiq Access Manager 4.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »