80 matches found
Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.5.0 Vulnerability Details CVEID:CVE-2026-33871 DESCRIPTION: Netty is an asynchronous, event-driven network application...
CVE-2026-9098
Casdoor versions up to 2.362.0 expose a SAML flaw: the /api/acs callback accepts any well-formed SAMLResponse without tying it to a prior AuthnRequest. If an administrator disables or deletes an IdP during a flow, the handler still uses the initial provider snapshot, enabling unsolicited SAML res...
CVE-2026-9093 CVE-2026-9093
In Casdoor versions 2.362.0 and earlier, the SAML service provider implementation does not validate the AudienceRestriction element in SAML assertions. The buildSp function in object/samlsp.go never sets AudienceURI on the gosaml2 SAMLServiceProvider struct and never inspects...
CVE-2026-25922
authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...
MiracleLinux 8 : grafana-7.3.6-2.el8 (AXSA:2021-2087:03)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2087:03 advisory. crewjam/saml: authentication bypass in saml authentication CVE-2020-27846 grafana: XSS via a query alias for the Elasticsearch and Testdata datasour...
CVE-2022-37011
A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions V1.17.0, Mendix SAML Mendix 8 compatible All versions V2.3.0, Mendix SAML Mendix 9 compatible, New Track All versions V3.3.1, Mendix SAML Mendix 9 compatible, Upgrade Track All versions V3.3.0. Affected versions o...
CVE-2023-29129
A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.3 = V1.16.4 = V2.3.0 = V2.2.0 = V3.3.1 = V3.1.9 = V3.3.0 = V3.1.8 = V3.3.1 = V3.3.0 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow...
CVE-2025-46784
A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this...
EUVD-2014-6471
Malware in sbrugna...
EUVD-2018-0357
Malware in sbrugna...
EUVD-2019-0585
Malware in sbrugna...
EUVD-2018-0667
Malware in sbrugna...
EUVD-2015-5328
Malware in sbrugna...
EUVD-2021-1267
Malware in sbrugna...
EUVD-2020-0157
Malware in sbrugna...
EUVD-2019-0579
Malware in sbrugna...
EUVD-2024-2513
Malicious code in bioql PyPI...
EUVD-2022-2997
Malicious code in bioql PyPI...
EUVD-2022-47400
Malicious code in bioql PyPI...
EUVD-2022-49605
Malicious code in bioql PyPI...