Lucene search
+L

8 matches found

Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-52096

Name of the Vulnerable Software and Affected Versions Rocket.Chat versions prior to 8.5.0 Rocket.Chat versions prior to 8.4.1 Rocket.Chat versions prior to 8.3.3 Rocket.Chat versions prior to 8.2.3 Rocket.Chat versions prior to 8.1.4 Rocket.Chat versions prior to 8.0.5 Rocket.Chat versions prior ...

9.3CVSS5.7AI score0.00149EPSS
Exploits0References4
OSV
OSV
added 2026/05/28 6:30 p.m.5 views

GHSA-FWGQ-J9R9-QJGR Casdoor has an authentication bypass

Casdoor versions 2.362.0 and earlier contain a vulnerability that allows an attacker to bypass authentication by supplying an arbitrary signing certificate. The buildSpCertificateStore function extracts the X.509 certificate directly from the incoming SAMLResponse instead of using the trusted...

9.1CVSS5.9AI score0.00201EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/28 4:17 p.m.20 views

EUVD-2026-32941

Casdoor versions 2.362.0 and earlier contain a vulnerability that allows an attacker to bypass authentication by supplying an arbitrary signing certificate. The buildSpCertificateStore function extracts the X.509 certificate directly from the incoming SAMLResponse instead of using the trusted...

5.9AI score0.00201EPSS
Exploits0References1
NVD
NVD
added 2021/03/10 6:15 p.m.18 views

CVE-2021-3034

An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on SSO integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the...

5.1CVSS0.00168EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/03/10 5:0 p.m.5 views

CVE-2021-3034

An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on SSO integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the...

5.1CVSS6AI score0.00168EPSS
Exploits0References2Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2021/03/10 5:0 p.m.76 views

Cortex XSOAR: Secrets for SAML single sign-on (SSO) integration may be logged in system logs

An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on SSO integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the...

5.1CVSS1.5AI score0.00168EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/08/11 12:0 a.m.8 views

The vulnerability of the Security Assertion Markup Language (SAML) implementation in the PAN-OS operating system allows a perpetrator to increase their privileges.

The vulnerability of the Security Assertion Markup Language SAML implementation in the PAN-OS operating system is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely, provided that the SAM...

10CVSS7.7AI score0.04362EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/06/29 12:0 a.m.40 views

CVE-2020-2021 PAN-OS: Authentication Bypass in SAML Authentication

When Security Assertion Markup Language SAML authentication is enabled and the ‘Validate Identity Provider Certificate’ option is disabled unchecked, improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources...

10CVSS9.4AI score0.04362EPSS
In wildExploits1References5
Rows per page
Query Builder