931 matches found
GHSA-P3W6-JCG4-52XH Improper Verification of Cryptographic Signature in django-rest-registration
Misusing the Django Signer API leads to predictable signatures used in verification emails Impact The vulnerability is a high severity one. Anyone using Django REST Registration library versions 0.2. - 0.4. with e-mail verification option which is recommended, but needs additional configuration i...
The vulnerability of the NX-OS network operating system, related to incorrect verification of the cryptographic signature, allows a hacker to install malicious software on a vulnerable device.
The vulnerability of the NX-OS network operating system is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability could allow a hacker to install malicious software on a vulnerable device...
Authentication Bypass
Overview Versions of samlify prior to 2.4.0 are vulnerable to Authentication Bypass. The package fails to prevent XML Signature Wrapping, allowing tokens to be reused with different usernames. A remote attacker can modify SAML content for a SAML service provider without invalidating the...
The vulnerability of the NX-OS network operating system, related to incorrect verification of the cryptographic signature, allows a hacker to install malicious software on a vulnerable device.
The vulnerability of the NX-OS network operating system is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability could allow a hacker to install malicious software on a vulnerable device...
The vulnerability of the NX-OS network operating system, related to incorrect verification of the cryptographic signature, allows a perpetrator to install malicious software on a vulnerable device.
The vulnerability of the NX-OS network operating system is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability could allow a hacker to install malware on a vulnerable device...
The vulnerability of the NX-OS network operating system, related to incorrect verification of the cryptographic signature, allows a perpetrator to install malware onto a vulnerable device.
The vulnerability of the NX-OS network operating system is related to improper verification of the cryptographic signature. Exploiting this vulnerability could allow a hacker to install malware on a vulnerable device...
Debian DLA-1796-1 : jruby security update
Multiple vulnerabilities have been discovered in jruby, Java implementation of the Ruby programming language. CVE-2018-1000074 Deserialization of Untrusted Data vulnerability in owner command that can result in code execution. This attack appear to be exploitable via victim must run the gem owner...
W3 Total Cache < 0.9.7.3 - Cryptographic Signature Bypass
The return value of opensslverify is not properly validated, which allows to bypass the cryptographic check...
CVE-2018-7340
Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authenticatio...
Authentication flaw
Duo Network Gateway 1.2.9 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authenticatio...
Authentication flaw
OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authenticatio...
CVE-2017-11430
OmniAuth OmnitAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass...
PYSEC-2019-198
OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authenticatio...
Authentication flaw
OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication...
CVE-2017-11427
OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authenticatio...
Authentication flaw
Clever saml2-js 2.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to...
CVE-2017-11430
OmniAuth OmnitAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass...
CVE-2017-11428
OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication...
CVE-2017-11427
OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authenticatio...
CVE-2017-11430 Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal
OmniAuth OmnitAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass...