
576 matches found

Veracode
added 2018/05/25 6:37 a.m. | 17 views

Cross-site Scripting (XSS)

simplesamlphp is vulnerable to cross-site scripting (XSS) attacks. A malicious user can craft URLs that include JavaScript to pass to another user for execution through the setConsentText function in the consentAdmin module. This vulnerability requires the consentAdmin module to be enabled and...

6.1 CVSS | 6.4 AI score | 0.00355 EPSS
Exploits 0 | References 4 | Affected Software 1
Veracode
added 2018/05/23 7:1 a.m. | 21 views

Bypassing Signature Validation

simplesamlphp is vulnerable to bypassing signature validation. There is a flaw in signature verification on SAML assertions which allows construction of a crafted SAML assertion on behalf of an Identity Provider. Consequently, an attacker can impersonate a user from that Identity Provider...

7.5 CVSS | 7.4 AI score | 0.00213 EPSS
Exploits 0 | References 3 | Affected Software 2
Friends Of PHP
added 2018/04/17 7:15 a.m. | 14 views

Information disclosure of source code

More info at https://simplesamlphp.org/security/202004-01...

3.5 CVSS | 7.2 AI score | 0.00142 EPSS
Exploits 0 | Affected Software 1
Fedora
added 2018/03/30 1:30 p.m. | 20 views

[SECURITY] Fedora 28 Update: php-simplesamlphp-saml2-2.3.8-1.fc28

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp [1], used by OpenConext [2]. This library started as a collaboration between UNINETT [3] and SURFnet [4] but everyone is invited to contribute. Autoloader: /usr/share/php/SAML2/autoload.php [1] https://www.simplesamlphp.org/ [2]...

8.1 CVSS | 0.7 AI score | 0.00467 EPSS
Exploits 0
Fedora
added 2018/03/30 1:30 p.m. | 19 views

[SECURITY] Fedora 28 Update: php-simplesamlphp-saml2_3-3.1.4-3.fc28

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp [1], used by OpenConext [2]. This library started as a collaboration between UNINETT [3] and SURFnet [4] but everyone is invited to contribute. Autoloader: /usr/share/php/SAML23/autoload.php [1] https://www.simplesamlphp.org/ [2]...

8.1 CVSS | 0.7 AI score | 0.00467 EPSS
Exploits 0
Tenable Nessus
added 2018/03/27 12:0 a.m. | 30 views

Fedora 26 : php-simplesamlphp-saml2 (2018-f4ab4d96f9)

SSPSA 201803-01 / CVE-2018-7711 - SSPSA 201802-01 / CVE-2018-7644 - SSPSA 201801-01 / CVE-2018-6519 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

8.1 CVSS | 7.4 AI score | 0.00467 EPSS
Exploits 0 | References 5
Tenable Nessus
added 2018/03/27 12:0 a.m. | 26 views

Debian DLA-1314-1 : simplesamlphp security update

Cure53 discovered that in SimpleSAMLphp, in rare circumstances an invalid signature on the SAML 2.0 HTTP Redirect binding could be considered valid. Additionally this update fixes a regression introduced in DLA-1298 by the backported patch for SSA-201802-01/CVE-2018-7644. For Debian 7 'Wheezy',...

8.1 CVSS | 7.5 AI score | 0.0032 EPSS
Exploits 0 | References 3
Tenable Nessus
added 2018/03/27 12:0 a.m. | 23 views

Fedora 27 : php-simplesamlphp-saml2 (2018-6db40b0c37)

SSPSA 201803-01 / CVE-2018-7711 - SSPSA 201802-01 / CVE-2018-7644 - SSPSA 201801-01 / CVE-2018-6519 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

8.1 CVSS | 7.4 AI score | 0.00467 EPSS
Exploits 0 | References 5
Tenable Nessus
added 2018/03/27 12:0 a.m. | 19 views

Fedora 27 : php-simplesamlphp-saml2_3 (2018-37e28670f2)

SSPSA 201803-01 / CVE-2018-7711 - SSPSA 201802-01 / CVE-2018-7644 - SSPSA 201801-01 / CVE-2018-6519 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

8.1 CVSS | 7.4 AI score | 0.00467 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2018/03/27 12:0 a.m. | 28 views

Fedora 27 : php-simplesamlphp-saml2_1 (2018-96601292a2)

SSPSA 201803-01 / CVE-2018-7711 - SSPSA 201802-01 / CVE-2018-7644 - SSPSA 201801-01 / CVE-2018-6519 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

8.1 CVSS | 7.4 AI score | 0.00467 EPSS
Exploits 0 | References 5
Tenable Nessus
added 2018/03/27 12:0 a.m. | 19 views

Fedora 26 : php-simplesamlphp-saml2_3 (2018-f2097d8937)

SSPSA 201803-01 / CVE-2018-7711 - SSPSA 201802-01 / CVE-2018-7644 - SSPSA 201801-01 / CVE-2018-6519 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

8.1 CVSS | 7.4 AI score | 0.00467 EPSS
Exploits 0 | References 5
Tenable Nessus
added 2018/03/27 12:0 a.m. | 23 views

Fedora 26 : php-simplesamlphp-saml2_1 (2018-d809bd2fd6)

SSPSA 201803-01 / CVE-2018-7711 - SSPSA 201802-01 / CVE-2018-7644 - SSPSA 201801-01 / CVE-2018-6519 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

8.1 CVSS | 7.4 AI score | 0.00467 EPSS
Exploits 0 | References 5
OpenVAS
added 2018/03/26 12:0 a.m. | 24 views

Fedora Update for php-simplesamlphp-saml2_3 FEDORA-2018-37e28670f2

The remote host is missing an update for the...

8.1 CVSS | 7.9 AI score | 0.00467 EPSS
Exploits 0 | References 2
OpenVAS
added 2018/03/26 12:0 a.m. | 17 views

Fedora Update for php-simplesamlphp-saml2_1 FEDORA-2018-96601292a2

The remote host is missing an update for the...

8.1 CVSS | 7.9 AI score | 0.00467 EPSS
Exploits 0 | References 2
OpenVAS
added 2018/03/26 12:0 a.m. | 21 views

Fedora Update for php-simplesamlphp-saml2_3 FEDORA-2018-f2097d8937

The remote host is missing an update for the...

8.1 CVSS | 7.9 AI score | 0.00467 EPSS
Exploits 0 | References 2
OpenVAS
added 2018/03/26 12:0 a.m. | 22 views

Fedora Update for php-simplesamlphp-saml2_1 FEDORA-2018-d809bd2fd6

The remote host is missing an update for the...

8.1 CVSS | 7.9 AI score | 0.00467 EPSS
Exploits 0 | References 2
OpenVAS
added 2018/03/26 12:0 a.m. | 19 views

Debian: Security Advisory (DLA-1314-1)

The remote host is missing an update for the Debian...

8.1 CVSS | 7.9 AI score | 0.0032 EPSS
Exploits 0 | References 3
OpenVAS
added 2018/03/26 12:0 a.m. | 27 views

Fedora Update for php-simplesamlphp-saml2 FEDORA-2018-f4ab4d96f9

The remote host is missing an update for the...

8.1 CVSS | 7.9 AI score | 0.00467 EPSS
Exploits 0 | References 2
OpenVAS
added 2018/03/26 12:0 a.m. | 25 views

Fedora Update for php-simplesamlphp-saml2 FEDORA-2018-6db40b0c37

The remote host is missing an update for the...

8.1 CVSS | 7.9 AI score | 0.00467 EPSS
Exploits 0 | References 2
OpenVAS
added 2018/03/26 12:0 a.m. | 22 views

Debian: Security Advisory (DLA-1298-1)

The remote host is missing an update for the Debian...

9.1 CVSS | 7.2 AI score | 0.00825 EPSS
Exploits 0 | References 3