Lucene search
+L

1049 matches found

Tenable Nessus
Tenable Nessus
added 2012/09/27 12:0 a.m.34 views

OpenStack Keystone Default Credentials

It is possible to log into the remote OpenStack Keystone instance by providing default credentials. Knowing these, an attacker can gain administrative control of the affected application and would then be able to read and write to Keystone, which is used as an identity provider by other services...

5.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/01/23 12:0 a.m.38 views

SimpleSAMLphp Detection

The remote web server hosts SimpleSAMLphp, an implementation of SAML Security Assertion Markup Language for written in PHP. It acts as both a Service Provider, authenticating users to PHP applications, as well as an Identity Provider, storing information about them. C Tenable Network Security, In...

5.5AI score
Exploits0References1
NVD
NVD
added 2009/11/06 3:30 p.m.19 views

CVE-2009-3300

Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...

2.6CVSS5.6AI score0.01673EPSS
Exploits0References5
Prion
Prion
added 2009/11/06 3:30 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...

2.6CVSS5.8AI score0.01673EPSS
Exploits0References5Affected Software2
UbuntuCve
UbuntuCve
added 2009/11/06 3:30 p.m.24 views

CVE-2009-3300

Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...

2.6CVSS5.9AI score0.01673EPSS
Exploits0References1
OSV
OSV
added 2009/11/06 3:30 p.m.4 views

DEBIAN-CVE-2009-3300

Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...

2.6CVSS5.9AI score0.01673EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2009/11/06 3:0 p.m.39 views

CVE-2009-3300

Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...

2.6CVSS5.6AI score0.01673EPSS
Exploits0
Cvelist
Cvelist
added 2009/11/06 3:0 p.m.29 views

CVE-2009-3300

Multiple cross-site scripting XSS vulnerabilities in the Identity Provider IdP 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via...

5.6AI score0.01673EPSS
Exploits0References5
Duo Security Advisories
Duo Security Advisories
added 1976/01/01 12:0 a.m.60 views

DUO-PSA-2019-002: Duo Product Security Advisory

Duo Product Security Advisory Advisory ID: DUO-PSA-2019-002 CVE: CVE-2019-3465 Publication Date: 2019-11-12 Revision Date: 2019-11-12 Status: Confirmed, Fixed Document Revision: 1 Overview A third-party software library, which the Duo Access Gateway DAG uses to enable SAML as a first-factor...

6.5CVSS0.03024EPSS
Exploits0
Rows per page
Query Builder