Lucene search
K

10 matches found

NVD
NVD
added 4 days ago6 views

CVE-2026-54782

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML 1.1 and SAML 2.0 token validation does not correctly resolve the issuer signing key or require signed tokens when IdentityConfiguration is used with federated binding...

10CVSS0.00246EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-0210

Malware in sbrugna...

6.5CVSS6.9AI score0.01078EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-32396

Malicious code in bioql PyPI...

8.6CVSS6.6AI score0.00337EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-21238

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability...

6.5CVSS6.9AI score0.01078EPSS
Exploits0References2
Veracode
Veracode
added 2025/03/12 10:46 a.m.12 views

Authentication Bypass

github.com/fleetdm/fleet is vulnerable to Authentication Bypass. The vulnerability is due to insufficient validation of SAML authentication assertions, allowing an attacker to forge responses and create unauthorized accounts if Just-In-Time JIT provisioning or MDM enrollment is enabled...

9.3CVSS6.9AI score0.00623EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2024/07/02 3:49 p.m.22 views

CVE-2024-3826 Broken SAML Validation

In versions of Akana in versions prior to and including 2022.1.3 validation is broken when using the SAML Single Sign-On SSO functionality...

8.6CVSS0.00337EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/01/11 10:10 p.m.25 views

CVE-2021-43999 Improper validation of SAML responses

Apache Guacamole 1.2.0 and 1.3.0 do not properly validate responses received from a SAML identity provider. If SAML support is enabled, this may allow a malicious user to assume the identity of another Guacamole user...

8.8AI score0.01784EPSS
Exploits0References2
OSV
OSV
added 2021/01/21 3:15 p.m.5 views

UBUNTU-CVE-2021-21238

PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents are impacted. The vulnerability is a variant of XML Signature wrapping...

6.5CVSS7.1AI score0.01078EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2017/02/16 6:0 p.m.56 views

CVE-2016-9814

The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service memory consumption by leveraging...

9.1CVSS9.2AI score0.02424EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2015/05/14 3:14 p.m.7 views

CXF: The SecurityTokenService accepts certain invalid SAML Tokens as valid

It was found that the SecurityTokenService STS, provided as a part of Apache CXF, could under certain circumstances accept invalid SAML tokens as valid. A remote attacker could use a specially crafted SAML token to gain access to an application that uses STS for validation of SAML tokens...

4.3CVSS7.3AI score0.07405EPSS
Exploits0References4
Rows per page
Query Builder