Every CVE whose affected-product data names Veridiumid Veridiumad, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-44039 — CVSS 9.1 (critical): In VeridiumID before 3.5.0, the WebAuthn API allows an internal unauthenticated attacker (who can pass enrollment verifications and is…
CVE-2021-42791 — CVSS 7.3 (high): An issue was discovered in VeridiumID VeridiumAD 2.5.3.0. The HTTP request to trigger push notifications for VeridiumAD enrolled users does…
CVE-2023-44038 — CVSS 6.5 (medium): In VeridiumID before 3.5.0, the identity provider page allows an unauthenticated attacker to discover information about registered users…
CVE-2023-45552 — CVSS 6.5 (medium): In VeridiumID before 3.5.0, a stored cross-site scripting (XSS) vulnerability has been discovered in the admin portal that allows an…
CVE-2023-44040 — CVSS 6.1 (medium): In VeridiumID before 3.5.0, the identity provider page is susceptible to a cross-site scripting (XSS) vulnerability that can be exploited…