50 matches found

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2024-47149

Malicious code in bioql PyPI...

CVSS 7.5, AI score 6.6, EPSS 0.00219
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2021-8748

Malicious code in bioql PyPI...

CVSS 6.5, AI score 7, EPSS 0.00701
Exploits: 0, References: 2

RedhatCVE
added 2025/05/22 6:26 a.m., 9 views

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'...

CVSS 7.5, AI score 7.2, EPSS 0.06024
Exploits: 0, References: 1

NVD
added 2024/07/30 7:15 p.m., 25 views

CVE-2024-5249

In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed...

CVSS 7.5, EPSS 0.00219
Exploits: 0, References: 1

Vulnrichment
added 2024/07/30 6:23 p.m., 16 views

CVE-2024-5249 SAML Replay in Akana

In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed...

CVSS 5.4, AI score 6.8, EPSS 0.00219
Exploits: 0, References: 1

Cvelist
added 2024/07/30 6:23 p.m., 30 views

CVE-2024-5249 SAML Replay in Akana

In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed...

CVSS 5.4, EPSS 0.00219
Exploits: 0, References: 1

OpenVAS
added 2023/12/07 12:0 a.m., 17 views

Ubuntu: Security Advisory (USN-6463-2)

The remote host is missing an update for the...

CVSS 7.5, AI score 7.4, EPSS 0.00667
Exploits: 0, References: 2

Ubuntu
added 2023/12/06 9:43 a.m., 60 views

USN-6463-2: Open VM Tools vulnerabilities

USN-6463-1 fixed vulnerabilities in Open VM Tools. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker with Guest Operations privileges could...

CVSS 7.5, AI score 6.7, EPSS 0.00667
Exploits: 0

Ubuntu
added 2023/10/31 2:47 p.m., 63 views

USN-6463-1: Open VM Tools vulnerabilities

It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker with Guest Operations privileges could possibly use this issue to escalate privileges. (CVE-2023-34058) Matthias Gerstner discovered that Open VM Tools incorrectly handled file descriptors when dropping privileges. A...

CVSS 7.5, AI score 6.5, EPSS 0.00667
Exploits: 0

OpenVAS
added 2023/09/26 12:0 a.m., 20 views

Ubuntu: Security Advisory (USN-6365-2)

The remote host is missing an update for the...

CVSS 7.5, AI score 7.8, EPSS 0.01193
Exploits: 0, References: 2

Ubuntu
added 2023/09/25 10:55 a.m., 99 views

USN-6365-2: Open VM Tools vulnerability

USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SA...

CVSS 7.5, AI score 7.1, EPSS 0.01193
Exploits: 0

OSV
added 2023/09/25 10:55 a.m., 6 views

USN-6365-2 open-vm-tools vulnerability

USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SA...

CVSS 7.5, AI score 6.9, EPSS 0.01193
Exploits: 0, References: 2

Ubuntu
added 2023/09/13 2:54 p.m., 83 views

USN-6365-1: Open VM Tools vulnerability

It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations...

CVSS 7.5, AI score 7, EPSS 0.01193
Exploits: 0

OSV
added 2023/09/13 2:54 p.m., 4 views

USN-6365-1 open-vm-tools vulnerability

It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker could possibly use this issue to bypass SAML token signature verification and perform VMware Tools Guest Operations...

CVSS 7.5, AI score 7, EPSS 0.01193
Exploits: 0, References: 2

Github Security Blog
added 2022/05/13 1:9 a.m., 29 views

Improper Input Validation in Apache CXF

The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x before 2.7.9 does not properly validate SAML tokens when caching is enabled, which allows remote attackers to gain access via an invalid SAML token...

CVSS 4.3, AI score 8.6, EPSS 0.07405
Exploits: 0, References: 17, Affected Software: 1

OSV
added 2022/05/13 1:9 a.m., 1 view

GHSA-38X2-FP9M-87MX Improper Input Validation in Apache CXF

The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x before 2.7.9 does not properly validate SAML tokens when caching is enabled, which allows remote attackers to gain access via an invalid SAML token...

CVSS 4.3, AI score 7.2, EPSS 0.07405
Exploits: 0, References: 17

OpenVAS
added 2022/01/28 12:0 a.m., 28 views

Mageia: Security Advisory (MGASA-2014-0557)

The remote host is missing an update for the...

CVSS 5.8, AI score 6.6, EPSS 0.09149
Exploits: 1, References: 7

CNVD
added 2021/02/24 12:0 a.m., 8 views

SAP HANA Database Signature Validation Improperity Vulnerability

SAP HANA is a high-performance real-time data analytics platform from Germany's SAP that lets users query and analyze real-time business data. An improper signature validation vulnerability exists in SAP HANA Database versions 1.0 and 2.0. The vulnerability stems from the program...

CVSS 6.5, AI score 6.5, EPSS 0.00701
Exploits: 0, References: 1

OSV
added 2021/02/09 9:15 p.m., 6 views

CVE-2021-21474

SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and without invalidatin...

CVSS 6.5, AI score 6.9, EPSS 0.00701
Exploits: 0, References: 2

NVD
added 2021/02/09 9:15 p.m., 15 views

CVE-2021-21474

SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and without invalidatin...

CVSS 6.5, EPSS 0.00701
Exploits: 0, References: 2