Lucene search
K

308 matches found

OSV
OSV
added 2026/03/09 11:16 a.m.5 views

CVE-2026-25604

In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed to gain access to different instances with potentially different access controls by reusing SAML response from other instances. You...

5.4CVSS5.7AI score
Exploits0References3
NVD
NVD
added 2026/03/05 7:16 p.m.11 views

CVE-2026-3047

A flaw was found in org.keycloak.broker.saml. When a disabled Security Assertion Markup Language SAML client is configured as an Identity Provider IdP-initiated broker landing target, it can still complete the login process and establish a Single Sign-On SSO session. This allows a remote attacker...

8.8CVSS0.00469EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/03/05 6:28 p.m.6 views

CVE-2026-3047

A flaw was found in org.keycloak.broker.saml. When a disabled Security Assertion Markup Language SAML client is configured as an Identity Provider IdP-initiated broker landing target, it can still complete the login process and establish a Single Sign-On SSO session. This allows a remote attacker...

8.8CVSS5.9AI score0.00469EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/03/05 3:33 p.m.6 views

keycloak-services: Keycloak: Unauthorized access via improper validation of encrypted SAML assertions

A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language SAML broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. Thi...

7.7CVSS5.8AI score0.00241EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/04 5:52 p.m.5 views

CVE-2026-20102 Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SAML Reflected Cross-Site Scripting Vulnerability

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the SAML feature and access sensitive,...

6.1CVSS5.8AI score0.00264EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/04 5:19 p.m.4 views

CVE-2026-20101

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to insufficient error checki...

8.6CVSS6AI score0.00354EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.3 views

PT-2026-22980

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to insufficient error checki...

8.6CVSS6AI score0.00354EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/18 4:45 p.m.6 views

CVE-2026-20144

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the the Splunk internal index coul...

6.8CVSS5.5AI score0.00363EPSS
Exploits0References2Affected Software2
CNNVD
CNNVD
added 2026/02/18 12:0 a.m.6 views

Splunk Cloud Platform和Splunk Enterprise 日志信息泄露漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Both Splunk Enterprise and Splunk Clo...

6.8CVSS5.8AI score0.00363EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/01/26 9:30 p.m.19 views

Keycloak's missing timestamp validation allows attackers to extend SAML response validity periods

A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language SAML setup, it fails to validate the NotOnOrAfter timestamp within the SubjectConfirmationData. This allows an attacker to delay the expiration of SAML...

3.1CVSS5.8AI score0.00369EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/01/26 9:30 p.m.2 views

GHSA-63V5-26VQ-M4VM Keycloak's missing timestamp validation allows attackers to extend SAML response validity periods

A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language SAML setup, it fails to validate the NotOnOrAfter timestamp within the SubjectConfirmationData. This allows an attacker to delay the expiration of SAML...

3.1CVSS5.8AI score0.00369EPSS
Exploits0References7
NVD
NVD
added 2026/01/26 8:16 p.m.10 views

CVE-2026-1190

A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language SAML setup, it fails to validate the NotOnOrAfter timestamp within the SubjectConfirmationData. This allows an attacker to delay the expiration of SAML...

3.1CVSS0.00369EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/26 7:36 p.m.4 views

CVE-2026-1190 Org.keycloak/keycloak-services: keycloak saml brokering: response delay due to unchecked notonorafter in subjectconfirmationdata

A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language SAML setup, it fails to validate the NotOnOrAfter timestamp within the SubjectConfirmationData. This allows an attacker to delay the expiration of SAML...

3.1CVSS5.8AI score0.00369EPSS
Exploits0References4
Veracode
Veracode
added 2026/01/21 8:38 a.m.9 views

Open Redirect

Directus is vulnerable to Open Redirect. The vulnerability is due to improper validation of the RelayState parameter in the SAML authentication callback endpoint, which allows an attacker to craft a malicious authentication request that redirects users to an arbitrary external URL after login...

6.1CVSS5.8AI score0.00196EPSS
Exploits0References3Affected Software2
EUVD
EUVD
added 2026/01/08 2:32 p.m.6 views

EUVD-2026-0980

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.14.0, an open redirect vulnerability exists in the Directus SAML authentication callback endpoint. During SAML authentication, the RelayState parameter is intended to preserve the user's original...

4.3CVSS7.1AI score0.00196EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.8 views

PT-2026-2139

Name of the Vulnerable Software and Affected Versions Directus versions prior to 11.14.0 Description Directus is a real-time API and App dashboard for managing SQL database content. An open redirect exists in the Directus SAML authentication callback endpoint. The RelayState parameter, intended t...

6.1CVSS7.3AI score0.00196EPSS
Exploits0References8
EUVD
EUVD
added 2025/12/09 5:24 p.m.5 views

EUVD-2025-202168

SAML PHP Toolkit Vulnerability on xmlseclibs CVE-2025-66475...

6.4AI score
Exploits0References6
Cvelist
Cvelist
added 2025/12/09 5:20 p.m.30 views

CVE-2025-59718

A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14,...

9.8CVSS0.65825EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/09 1:55 a.m.6 views

EUVD-2025-201812

The ruby-saml library is for implementing the client side of a SAML authorization. ruby-saml versions up to and including 1.12.4 contain an authentication bypass vulnerability due to an incomplete fix for CVE-2025-25292. ReXML and Nokogiri parse XML differently, generating entirely different...

9.8CVSS6.6AI score0.63792EPSS
Exploits1References4
OSV
OSV
added 2025/11/18 2:59 p.m.7 views

USN-7872-1 lasso vulnerabilities

It was discovered that Lasso incorrectly handled certain malformed SAML responses. A remote attacker could possibly use this issue to cause Lasso to crash, resulting in a denial of service. CVE-2025-46404 It was discovered that Lasso incorrectly handled certain malformed SAML assertion responses....

9.8CVSS6AI score0.00824EPSS
Exploits4References5
Rows per page
Query Builder