one identity

Top products

The 7 most recently published vulnerabilities affecting one identity.

• CVE-2025-59363In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),7.7Sep 14, 2025
• CVE-2025-52924In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header.4.0Jul 19, 2025
• CVE-2025-27582The Secure Password extension in One Identity Password Manager before 5.14.4 allows local privilege escalation. The issue arises from a flawed security hardening mechanism within the kiosk browser ...7.6Jul 14, 2025
• CVE-2025-34064OneLogin AD Connector Log S3 Bucket Hijack Leading to Cross-Tenant Data Leakage9.3Jul 1, 2025
• CVE-2025-34063OneLogin AD Connector JWT Authentication Bypass via Exposed Signing Key10.0Jul 1, 2025
• CVE-2024-47619tranport: TLS host name wildcard matching too lax7.5May 7, 2025
• CVE-2022-38725An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or n...7.5Jan 23, 2023