Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
identity vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-6095
Directory traversal vulnerability in IBM Security Identity Manager 6.x prior to 6.0.0.3 IF14 allows remote malicious users to read arbitrary files via unspecified vectors.
Ibm Security Identity Manager 6.0.0.3
Ibm Security Identity Manager 6.0.0.0
Ibm Security Identity Manager 6.0.0.1
Ibm Security Identity Manager 6.0.0.2
4.3
CVSSv2
CVE-2014-6107
IBM Security Identity Manager 6.x prior to 6.0.0.3 IF14 allows remote malicious users to obtain sensitive cookie information by sniffing the network during an HTTP session.
Ibm Security Identity Manager 6.0.0.0
Ibm Security Identity Manager 6.0.0.1
Ibm Security Identity Manager 6.0.0.2
Ibm Security Identity Manager 6.0.0.3
2.1
CVSSv2
CVE-2014-6110
IBM Security Identity Manager 6.x prior to 6.0.0.3 IF14 does not properly perform logout actions, which allows remote malicious users to access sessions by leveraging an unattended workstation.
Ibm Security Identity Manager 6.0.0.0
Ibm Security Identity Manager 6.0.0.1
Ibm Security Identity Manager 6.0.0.2
Ibm Security Identity Manager 6.0.0.3
10
CVSSv2
CVE-2022-29464
Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/ser...
Wso2 Identity Server Analytics 5.5.0
Wso2 Identity Server Analytics 5.4.1
Wso2 Identity Server Analytics 5.6.0
Wso2 Identity Server Analytics 5.4.0
Wso2 Api Manager
Wso2 Identity Server
Wso2 Enterprise Integrator
Wso2 Identity Server As Key Manager
31 Github repositories
5
CVSSv2
CVE-2016-0330
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 up to and including 7.0.1.1 prior to 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote malicious users to obtain access by leveraging an attack against the password algorithm.
Ibm Security Identity Manager Adapter 7.0.1.1
Ibm Security Identity Manager Adapter 7.0.0.2
Ibm Security Identity Manager Adapter 7.0.0.1
Ibm Security Identity Manager Adapter 7.0.0.0
Ibm Security Identity Manager Adapter 7.0.1.0
Ibm Security Identity Manager Adapter 7.0.0.3
2.1
CVSSv2
CVE-2016-0338
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 up to and including 7.0.1.1 prior to 7.0.1-ISS-SIM-FP0003 allows local users to discover cleartext passwords by (1) reading a configuration file or (2) examining a process.
Ibm Security Identity Manager Adapter 7.0.1.1
Ibm Security Identity Manager Adapter 7.0.1.0
Ibm Security Identity Manager Adapter 7.0.0.1
Ibm Security Identity Manager Adapter 7.0.0.0
Ibm Security Identity Manager Adapter 7.0.0.3
Ibm Security Identity Manager Adapter 7.0.0.2
4.4
CVSSv2
CVE-2016-0340
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 up to and including 7.0.1.1 prior to 7.0.1-ISS-SIM-FP0003 mishandles session expiration, which allows remote malicious users to hijack sessions by leveraging an unattended workstation.
Ibm Security Identity Manager Adapter 7.0.0.2
Ibm Security Identity Manager Adapter 7.0.0.1
Ibm Security Identity Manager Adapter 7.0.0.0
Ibm Security Identity Manager Adapter 7.0.1.1
Ibm Security Identity Manager Adapter 7.0.1.0
Ibm Security Identity Manager Adapter 7.0.0.3
4.3
CVSSv2
CVE-2016-0357
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 up to and including 7.0.1.1 prior to 7.0.1-ISS-SIM-FP0003 allows remote malicious users to conduct clickjacking attacks via a crafted web site.
Ibm Security Identity Manager Adapter 7.0.1.1
Ibm Security Identity Manager Adapter 7.0.0.2
Ibm Security Identity Manager Adapter 7.0.0.1
Ibm Security Identity Manager Adapter 7.0.0.0
Ibm Security Identity Manager Adapter 7.0.1.0
Ibm Security Identity Manager Adapter 7.0.0.3
4.3
CVSSv2
CVE-2016-0339
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 up to and including 7.0.1.1 prior to 7.0.1-ISS-SIM-FP0003 mishandles session identifiers after logout, which makes it easier for remote malicious users to spoof users by leveraging knowledge of "traffic records.&...
Ibm Security Identity Manager Adapter 7.0.0.3
Ibm Security Identity Manager Adapter 7.0.0.2
Ibm Security Identity Manager Adapter 7.0.1.1
Ibm Security Identity Manager Adapter 7.0.1.0
Ibm Security Identity Manager Adapter 7.0.0.1
Ibm Security Identity Manager Adapter 7.0.0.0
2.1
CVSSv2
CVE-2016-9703
IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information.
Ibm Security Identity Manager Virtual Appliance 7.0.1.3
Ibm Security Identity Manager Virtual Appliance 7.0.1.2
Ibm Security Identity Manager Virtual Appliance 7.0.1.1
Ibm Security Identity Manager Virtual Appliance 7.0.1.0
Ibm Security Identity Manager Virtual Appliance 7.0.0.3
Ibm Security Identity Manager Virtual Appliance 7.0.0.2
Ibm Security Identity Manager Virtual Appliance 7.0.1.4
Ibm Security Identity Manager Virtual Appliance 7.0.0.1
Ibm Security Identity Manager Virtual Appliance 7.0.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »