EUVD-2026-35886

An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository saml2assertingpartymetadata may be able to store malicious serialized payloads in the columns containing the collection of verification or encryption credentials verificationcredentials and...

CVE-2022-23505

Passport-wsfed-saml2 is a ws-federation protocol and SAML2 tokens authentication provider for Passport. In versions prior to 4.6.3, a remote attacker may be able to bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the attacker is in possession...

EUVD-2015-0038

Malware in sbrugna...

EUVD-2015-0037

Malware in sbrugna...

EUVD-2018-0156

Malware in sbrugna...

EUVD-2016-6687

Malware in sbrugna...

EUVD-2020-0374

Malware in sbrugna...

EUVD-2020-0344

Malware in sbrugna...

EUVD-2021-23728

Malware in sbrugna...

EUVD-2025-4792

Malicious code in bioql PyPI...

EUVD-2023-2496

Malicious code in bioql PyPI...

EUVD-2022-2125

Malicious code in bioql PyPI...

EUVD-2024-3495

Malicious code in bioql PyPI...

EUVD-2022-4159

Malicious code in bioql PyPI...

EUVD-2025-7804

Malicious code in bioql PyPI...

EUVD-2022-7706

Malicious code in bioql PyPI...

EUVD-2025-4791

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-6519

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before 3.1.1 in SimpleSAMLphp has a Regular Expression Denial of Service vulnerability for...

CVE-2023-41890

Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity...

CVE-2020-5268

In Saml2 Authentication Services for ASP.NET versions before 1.0.2, and between 2.0.0 and 2.6.0, there is a vulnerability in how tokens are validated in some cases. Saml2 tokens are usually used as bearer tokens - a caller that presents a token is assumed to be the subject of the token. There is...