367 matches found
WSO2 Identity Server SAML Authentication XXE Injection Vulnerability
WSO2 Identity Server is an open source identity services , support for Information Cards, OpenID and XACML. WSO2 Identity Server SAML authentication interface XXE injection vulnerability allows remote attackers to submit special XML data to access arbitrary files...
XSS, CSRF Vulnerabilities identitified in WSO2 Identity Server
A handful of vulnerabilities have been identified in WSO2 Identity Server that could lead to takeover, firewall bypass, and potentially expose subsequent internal servers to further attacks. The open source server software helps developers manage identities and keep track of web apps, services an...
Moderate: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.1.0 security and bug fix update
Red Hat JBoss Fuse and A-MQ 6.1.0 Rollup Patch 2 R2, which includes several bug fixes, enhancements, and resolves two security issues, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3.2 security update
An update for Red Hat JBoss Enterprise Application Platform 6.3.2 that fixes three security issues is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which giv...
DUO-PSA-2019-002: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2019-002 CVE: CVE-2019-3465 Publication Date: 2019-11-12 Revision Date: 2019-11-12 Status: Confirmed, Fixed Document Revision: 1 Overview A third-party software library, which the Duo Access Gateway DAG uses to enable SAML as a first-factor...
DUO-PSA-2017-003: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2017-003 Publication Date: 2018-02-27 Revision Date: 2018-02-27 Status: Confirmed, Fixed Document Revision: 1 Overview Duo Security has identified a security flaw in a third-party library used in the Duo Network Gateway DNG which, under certain...
DUO-PSA-2017-003: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2017-003 Publication Date: 2018-02-27 Revision Date: 2018-02-27 Status: Confirmed, Fixed Document Revision: 1 Overview Duo Security has identified a security flaw in a third-party library used in the Duo Network Gateway DNG which, under certain...