Lucene search
K

3786 matches found

Cvelist
Cvelist
added 2011/08/12 5:0 p.m.25 views

CVE-2008-7299

IBM Tivoli Federated Identity Manager TFIM 6.2.0 before 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Issuer field...

6.3AI score0.00785EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/08/31 12:0 a.m.19 views

Fedora 13 : php-pear-CAS-1.1.2-1.fc13 (2010-12258)

Security fixes Fix a session hijacking hole CVE-2010-2795 PHPCAS-61 callbackurl in proxy mode should be urlencoded, possible XSS CVE-2010-2796 PHPCAS-67 Bug fixes Fix warnings for SAML responses without attributes PHPCAS-59 Fix duplicate SAML debug output PHPCAS-64 Providing a new ST/PT/SA during...

4CVSS5.3AI score0.02517EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2010/08/31 12:0 a.m.21 views

Fedora 12 : php-pear-CAS-1.1.2-1.fc12 (2010-12247)

Security fixes Fix a session hijacking hole CVE-2010-2795 PHPCAS-61 callbackurl in proxy mode should be urlencoded, possible XSS CVE-2010-2796 PHPCAS-67 Bug fixes Fix warnings for SAML responses without attributes PHPCAS-59 Fix duplicate SAML debug output PHPCAS-64 Providing a new ST/PT/SA during...

4CVSS5.3AI score0.02517EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2010/02/24 12:0 a.m.26 views

Debian DSA-1896-1 : opensaml, shibboleth-sp - several vulnerabilities

Several vulnerabilities have been discovered in the opensaml and shibboleth-sp packages, as used by Shibboleth 1.x : - Chris Ries discovered that decoding a crafted URL leads to a crash and potentially, arbitrary code execution. - Ian Young discovered that embedded NUL characters in certificate...

7.5CVSS5.8AI score0.01544EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/02/24 12:0 a.m.27 views

Debian DSA-1895-1 : xmltooling - several vulnerabilities

Several vulnerabilities have been discovered in the xmltooling packages, as used by Shibboleth : - Chris Ries discovered that decoding a crafted URL leads to a crash and potentially, arbitrary code execution. - Ian Young discovered that embedded NUL characters in certificate names were not...

7.5CVSS5.8AI score0.01544EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2009/10/19 12:0 a.m.30 views

Debian: Security Advisory (DSA-1895-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.5AI score0.04097EPSS
Exploits0References3
Debian
Debian
added 2009/10/09 6:58 p.m.11 views

[SECURITY] [DSA 1895-2] New opensaml2 and shibboleth-sp2 packages fix regression

------------------------------------------------------------------------ Debian Security Advisory DSA-1895-2 [email protected] http://www.debian.org/security/ Florian Weimer October 09, 2009 http://www.debian.org/security/faq -...

7.2AI score
Exploits0
OSV
OSV
added 2009/10/09 12:0 a.m.25 views

DSA-1895-2 opensaml2, shibboleth-sp2 - interpretation conflict

Bulletin has no description...

9.3CVSS5.5AI score0.04097EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/10/06 12:0 a.m.24 views

Debian Security Advisory DSA 1896-1 (opensaml, shibboleth-sp)

The remote host is missing an update to opensaml, shibboleth-sp announced via advisory DSA 1896-1. OpenVAS Vulnerability Test $Id: deb18961.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1896-1 opensaml, shibboleth-sp Authors: Thomas Reinke Copyright:...

7.5CVSS0.1AI score0.01544EPSS
Exploits0
Debian
Debian
added 2009/09/28 5:13 a.m.14 views

[SECURITY] [DSA 1896-1] New Shibboleth 1.x packages fix potential code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1896-1 [email protected] http://www.debian.org/security/ Florian Weimer September 28, 2009 http://www.debian.org/security/faq -...

7.9AI score
Exploits0
securityvulns
securityvulns
added 2009/09/28 12:0 a.m.53 views

[SECURITY] [DSA 1896-1] New Shibboleth 1.x packages fix potential code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1896-1 [email protected] http://www.debian.org/security/ Florian Weimer September 28, 2009 http://www.debian.org/security/faq -...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2009/09/28 12:0 a.m.44 views

[SECURITY] [DSA 1895-1] New xmltooling packages fix potential code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1895-1 [email protected] http://www.debian.org/security/ Florian Weimer September 24, 2009 http://www.debian.org/security/faq -...

0.1AI score
Exploits0
OpenVAS
OpenVAS
added 2009/09/28 12:0 a.m.24 views

Debian Security Advisory DSA 1895-1 (xmltooling)

The remote host is missing an update to xmltooling announced via advisory DSA 1895-1. OpenVAS Vulnerability Test $Id: deb18951.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1895-1 xmltooling Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

7.5CVSS0.7AI score0.01544EPSS
Exploits0
OSV
OSV
added 2009/09/28 12:0 a.m.17 views

DSA-1896-1 opensaml shibboleth-sp - potential code execution

Bulletin has no description...

9.3CVSS5.6AI score0.04097EPSS
Exploits0
Debian
Debian
added 2009/09/24 7:3 p.m.13 views

[SECURITY] [DSA 1895-1] New xmltooling packages fix potential code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1895-1 [email protected] http://www.debian.org/security/ Florian Weimer September 24, 2009 http://www.debian.org/security/faq -...

8AI score
Exploits0
OSV
OSV
added 2009/09/24 12:0 a.m.39 views

DSA-1895-1 xmltooling - potential code execution

Bulletin has no description...

9.3CVSS5.5AI score0.04097EPSS
Exploits0
OpenVAS
OpenVAS
added 2009/01/13 12:0 a.m.22 views

Debian Security Advisory DSA 1700-1 (lasso)

The remote host is missing an update to lasso announced via advisory DSA 1700-1. OpenVAS Vulnerability Test $Id: deb17001.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1700-1 lasso Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

4.3CVSS6.5AI score0.01336EPSS
Exploits0
Prion
Prion
added 2008/09/03 2:12 p.m.19 views

Authentication flaw

The SAML Single Sign-On SSO Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a request identifier and recipient field...

7.5CVSS7.5AI score0.00514EPSS
Exploits0References2
NVD
NVD
added 2008/09/03 2:12 p.m.18 views

CVE-2008-3891

The SAML Single Sign-On SSO Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a request identifier and recipient field...

7.5CVSS7AI score0.00514EPSS
Exploits0References2
Cvelist
Cvelist
added 2008/09/03 2:0 p.m.27 views

CVE-2008-3891

The SAML Single Sign-On SSO Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a request identifier and recipient field...

7AI score0.00514EPSS
Exploits0References2
Rows per page
Query Builder