CVE-2021-31923
https://notcve.org/view.php?id=CVE-2021-31923
Ping Identity PingAccess before 5.3.3 allows HTTP request smuggling via header manipulation.
• https://docs.pingidentity.com/bundle/pingaccess-53/page/wco1629833104567.html
• CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CVE-2021-39270
https://notcve.org/view.php?id=CVE-2021-39270
In Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur.
• https://docs.pingidentity.com/bundle/integrations/page/yqq1563995045546.html
• https://www.pingidentity.com/en/resources/downloads/pingfederate.html
• CWE-346: Origin Validation Error
CVE-2020-25826
https://notcve.org/view.php?id=CVE-2020-25826
PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe.
• https://docs.pingidentity.com/bundle/pingid/page/xqz1597139945488.html
• https://gitlab.com/-/snippets/2017709
• CWE-732: Incorrect Permission Assignment for Critical Resource
CVE-2020-10654
https://notcve.org/view.php?id=CVE-2020-10654
Ping Identity PingID SSH before 4.0.14 contains a heap buffer overflow in PingID-enrolled servers. This condition can be potentially exploited into a Remote Code Execution vector on the authenticating endpoint.
• https://docs.pingidentity.com/bundle/pingid/page/hmc1587998527490.html
• https://docs.pingidentity.com/bundle/pingid/page/okt1564020467088.html
• https://www.pingidentity.com
• https://www.pingidentity.com/en/cloud/pingid.html
• CWE-787: Out-of-bounds Write
CVE-2019-13564 – Ping Identity Agentless Integration Kit Cross Site Scripting
https://notcve.org/view.php?id=CVE-2019-13564
XSS exists in Ping Identity Agentless Integration Kit before 1.5. Ping Identity Agentless Integration Kit versions prior to 1.5 suffer from a cross site scripting vulnerability.
• http://packetstormsecurity.com/files/154274/Ping-Identity-Agentless-Integration-Kit-Cross-Site-Scripting.html
• http://seclists.org/fulldisclosure/2019/Aug/33
• https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190305-01_Ping_Identity_Agentless_Integration_Kit_Reflected_XSS
• https://support.pingidentity.com/s/document-item?bundleId=integrations&topicId=Integration_Kits%2FAgentless%2FagentlessIK_c_changelog.html
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')