CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

576 matches found

Friends Of PHP•added 2017/03/17 9:34 a.m.•19 views

Multiple timing side-channel issues

More info at https://simplesamlphp.org/security/201703-01...

5.9CVSS7.2AI score0.00404EPSS

Exploits0Affected Software1

NVD•added 2017/02/17 2:59 a.m.•14 views

CVE-2016-9955

The SimpleSAMLXMLValidator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly cause a denial of service memory consumption by leveraging improper conversion of return values to boolean...

6.3CVSS6.5AI score0.0041EPSS

Exploits0References3

OSV•added 2017/02/17 2:59 a.m.•14 views

CVE-2016-9955

6.3CVSS7.1AI score

Exploits0References3

NVD•added 2017/02/17 2:59 a.m.•13 views

CVE-2016-9814

The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service memory consumption by leveraging...

9.1CVSS9.2AI score0.00825EPSS

Exploits0References3

OSV•added 2017/02/17 2:59 a.m.•0 views

DEBIAN-CVE-2016-9955

6.3CVSS7AI score0.0041EPSS

Exploits0References1

OSV•added 2017/02/17 2:59 a.m.•19 views

CVE-2016-9814

9.1CVSS7.1AI score

Exploits0References3

OSV•added 2017/02/17 2:59 a.m.•0 views

UBUNTU-CVE-2016-9955

6.3CVSS6.8AI score0.0041EPSS

Exploits0References5

UbuntuCve•added 2017/02/17 2:59 a.m.•18 views

CVE-2016-9955

6.3CVSS6.8AI score0.0041EPSS

Exploits0References4

OSV•added 2017/02/17 2:59 a.m.•0 views

UBUNTU-CVE-2016-9814

9.1CVSS7.3AI score0.00825EPSS

Exploits0References6

CVE•added 2017/02/16 6:0 p.m.•70 views

CVE-2016-9814

Summary: CVE-2016-9814 affects SimpleSAMLphp and the simplesamlphp/saml2 library. The vulnerability stems from an improper conversion of return values to boolean in the validateSignature method of SAML2\Utils, enabling remote attackers to spoof SAML responses or cause a memory-related Denial of S...

9.1CVSS9AI score0.00825EPSS

Exploits0References3Affected Software1

Cvelist•added 2017/02/16 6:0 p.m.•20 views

CVE-2016-9814

9.1AI score0.00825EPSS

Exploits0References3

Cvelist•added 2017/02/16 6:0 p.m.•20 views

CVE-2016-9955

6.6AI score0.0041EPSS

Exploits0References3

Debian CVE•added 2017/02/16 6:0 p.m.•23 views

CVE-2016-9955

6.3CVSS6.7AI score0.0041EPSS

Exploits0

CVE•added 2017/02/16 6:0 p.m.•71 views

CVE-2016-9955

The CVE-2016-9955 issue affects SimpleSAMLphp up to version 1.14.10 via the SimpleSAML_XML_Validator constructor. Affected component: SimpleSAML_XML_Validator in SimpleSAMLphp; root cause: improper conversion of return values to boolean in signature validation, allowing an attacker to spoof signa...

6.3CVSS6.4AI score0.0041EPSS

Exploits0References3Affected Software1

CNVD•added 2017/02/09 12:0 a.m.•3 views

SimpleSAMLphp sanitycheck module information disclosure vulnerability

SimpleSAMLphp is a PHP authentication application that implements the SAML 2.0 service provider and identity provider functionality. sanitycheck is one of the soundness checking module. A security vulnerability exists in the sanitycheck module in versions of SimpleSAMLphp prior to 1.14.1. A remot...

5.3CVSS5.6AI score0.00203EPSS

Exploits0References1

OSV•added 2017/02/07 5:59 p.m.•14 views

CVE-2016-3124

The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors...

5.3CVSS7AI score

Exploits0References2

OSV•added 2017/02/07 5:59 p.m.•3 views

UBUNTU-CVE-2016-3124

The sanitycheck module in SimpleSAMLphp before 1.14.1 allows remote attackers to learn the PHP version on the system via unspecified vectors...

5.3CVSS6.1AI score0.00203EPSS

Exploits0References4