Lucene search
K

148 matches found

NVD
NVD
added 2015/01/21 6:59 p.m.20 views

CVE-2015-0389

Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2014-6592...

3.5CVSS5.2AI score0.00837EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2015/01/21 6:59 p.m.3 views

CVE-2015-0389

Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2014-6592...

3.5CVSS5.6AI score0.00837EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/01/21 6:0 p.m.34 views

CVE-2015-0389

Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2014-6592...

5.3AI score0.00837EPSS
Exploits0References2
CVE
CVE
added 2015/01/21 6:0 p.m.54 views

CVE-2015-0389

CVE-2015-0389 affects the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5. The connected sources describe multiple unspecified vulnerabilities in the SAML subcomponent that could allow remote authenticated users to affect integrity. The reports consistently refer to Open...

3.5CVSS5.4AI score0.00837EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2015/01/21 3:28 p.m.20 views

CVE-2014-6592

Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2015-0389...

3.5CVSS5.2AI score0.00829EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/01/21 3:0 p.m.22 views

CVE-2014-6592

Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2015-0389...

5.3AI score0.00829EPSS
Exploits0References1
CVE
CVE
added 2015/01/21 3:0 p.m.47 views

CVE-2014-6592

Technical details for CVE-2014-6592 are not provided in the supplied connected documents; no affected products, root cause, or remediation are specified here. Monitor for updates from official sources to obtain concrete information.

3.5CVSS5.4AI score0.00829EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/01/08 12:0 a.m.1 views

NYU OpenSSO Integration Redirection Vulnerability

NYU OpenSSO Integration is a system that integrates PDS and Sun OpenSSO identity management applications. A redirection vulnerability exists in NYU OpenSSO Integration 2.1 and earlier, which allows remote attackers to redirect a user to an arbitrary web site via a redirection in the url parameter...

5.8CVSS6.8AI score0.02036EPSS
Exploits1References1
Prion
Prion
added 2015/01/02 8:59 p.m.13 views

Open redirect

Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...

5.8CVSS7.1AI score0.02036EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2015/01/02 8:59 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to inject arbitrary web script or HTML via the url parameter...

4.3CVSS6.2AI score0.00931EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2015/01/02 8:59 p.m.14 views

CVE-2014-7293

Cross-site scripting XSS vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to inject arbitrary web script or HTML via the url parameter...

4.3CVSS5.8AI score0.00931EPSS
Exploits1References2
CVE
CVE
added 2015/01/02 8:0 p.m.38 views

CVE-2014-7294

CVE-2014-7294 is an open redirect vulnerability in the logon page of Ex Libris Patron Directory Services (PDS) OpenSSO Integration 2.1 and earlier . The root cause is improper redirect handling in the login flow, allowing remote attackers to craft a URL with a redirect target in the url parameter...

5.8CVSS6.9AI score0.02036EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2015/01/02 8:0 p.m.27 views

CVE-2014-7294

Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...

6.7AI score0.02036EPSS
Exploits1References3
CVE
CVE
added 2015/01/02 8:0 p.m.39 views

CVE-2014-7293

CVE-2014-7293 describes a cross-site scripting (XSS) vulnerability on the login page of NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services (PDS). The issue allows remote attackers to inject arbitrary web script or HTML via the url parameter. According to the record, t...

4.3CVSS5.9AI score0.00931EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2015/01/02 8:0 p.m.20 views

CVE-2014-7293

Cross-site scripting XSS vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services PDS allows remote attackers to inject arbitrary web script or HTML via the url parameter...

5.8AI score0.00931EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/10/31 12:0 a.m.20 views

Oracle OpenSSO Agent Detection

Binary data oracleopenssoagentinstalled.nbin...

7.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/10/31 12:0 a.m.64 views

Oracle OpenSSO Agent Multiple Vulnerabilities (October 2014 CPU)

The Oracle OpenSSO agent installed on the remote host is missing a vendor-supplied update. It is, therefore, affected by multiple vulnerabilities in the bundled Mozilla Network Security Services, the most serious of which can allow remote code execution. %NASLMINLEVEL 70300 C Tenable Network...

9.3CVSS7.7AI score0.04664EPSS
Exploits5References8
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Oracle OpenSSO 8.0 - Multiple XSS POST Injection Vulnerabilities

No description provided by source. ?!-- Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities Vendor: Oracle Corporation Product web page: http://www.oracle.com Affected version: 8.0 Update 2 Patch3 Build 6.1 2011-June-8 05:24 Summary: Oracle OpenSSO is a complete solution that provides...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/04/28 12:0 a.m.15 views

Oracle OpenSSO Detection

Binary data oracleopenssodetect.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2014/04/28 12:0 a.m.21 views

Oracle OpenSSO Multiple Vulnerabilities (April 2014 CPU)

The remote Oracle OpenSSO install is missing a vendor-supplied update. It is, therefore, affected by multiple, unspecified vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid73738; scriptversion"1.9";...

4.9CVSS6.7AI score0.01373EPSS
Exploits0References4
Rows per page
Query Builder