576 matches found
EUVD-2023-0445
Malicious code in bioql PyPI...
EUVD-2022-5314
Malicious code in bioql PyPI...
Tenable Security Center Multiple Vulnerabilities (TNS-2025-20)
According to its self-reported version, the Tenable Security Center running on the remote host is version 6.6.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2025-20 advisory. - Symphony process is a module for the Symphony PHP framework which executes commands ...
Linux Distros Unpatched Vulnerability : CVE-2017-18122
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A signature-validation bypass issue was discovered in SimpleSAMLphp through 1.14.16. A SimpleSAMLphp Service Provider using SAML 1.1 will regard as valid any...
Linux Distros Unpatched Vulnerability : CVE-2024-52596
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SimpleSAMLphp xml-common is a common classes for handling XML-structures. When loading an untrusted XML document, for example the SAMLResponse, it's possible to...
Linux Distros Unpatched Vulnerability : CVE-2018-6520
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SimpleSAMLphp before 1.15.2 allows remote attackers to bypass an open redirect protection mechanism via crafted authority data in a URL. CVE-2018-6520 Note that...
Linux Distros Unpatched Vulnerability : CVE-2017-12869
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The multiauth module in SimpleSAMLphp 1.14.13 and earlier allows remote attackers to bypass authentication context restrictions and use an authentication source...
Linux Distros Unpatched Vulnerability : CVE-2017-12871
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The aesEncrypt method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.x through 1.14.11 makes it easier for context-dependent attackers to bypass the...
Linux Distros Unpatched Vulnerability : CVE-2024-52806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. When loading an untrusted XML document, for example the SAMLResponse, it's possibl...
Linux Distros Unpatched Vulnerability : CVE-2025-27773
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. Prior to versions 4.17.0 and 5.0.0-alpha.20, there is a signature confusion...
Linux Distros Unpatched Vulnerability : CVE-2017-12873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obtain sensitive information, gain unauthorized access, or have unspecified other impacts by...
Linux Distros Unpatched Vulnerability : CVE-2017-12867
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SimpleSAMLAuthTimeLimitedToken class in SimpleSAMLphp 1.14.14 and earlier allows attackers with access to a secret token to extend its validity period by...
Linux Distros Unpatched Vulnerability : CVE-2017-12874
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The InfoCard module 1.0 for SimpleSAMLphp allows attackers to spoof XML messages by leveraging an incorrect check of return values in signature validation...
Linux Distros Unpatched Vulnerability : CVE-2017-12868
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct...
Linux Distros Unpatched Vulnerability : CVE-2016-9814
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2....
Linux Distros Unpatched Vulnerability : CVE-2016-9955
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SimpleSAMLXMLValidator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly...
Linux Distros Unpatched Vulnerability : CVE-2018-7644
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XmlSecLibs library as used in the saml2 library in SimpleSAMLphp before 1.15.3 incorrectly verifies signatures on SAML assertions, allowing a remote attacke...
Linux Distros Unpatched Vulnerability : CVE-2016-3124
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors. CVE-2016-3124 Note...
Linux Distros Unpatched Vulnerability : CVE-2017-12870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and...
Linux Distros Unpatched Vulnerability : CVE-2017-18121
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The consentAdmin module in SimpleSAMLphp through 1.14.15 is vulnerable to a Cross-Site Scripting attack, allowing an attacker to craft links that could execute...