Lucene search
K

142 matches found

EUVD
EUVD
added 2026/03/09 12:31 p.m.6 views

EUVD-2026-10318

In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed to gain access to different instances with potentially different access controls by reusing SAML response from other instances. You...

5.4CVSS5.7AI score0.00359EPSS
Exploits1References3
OSV
OSV
added 2026/03/09 11:16 a.m.5 views

CVE-2026-25604

In AWS Auth manager, the origin of the SAML authentication has been used as provided by the client and not verified against the actual instance URL. This allowed to gain access to different instances with potentially different access controls by reusing SAML response from other instances. You...

5.4CVSS5.7AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/03/05 3:33 p.m.6 views

keycloak-services: Keycloak: Unauthorized access via improper validation of encrypted SAML assertions

A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language SAML broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. Thi...

7.7CVSS5.8AI score0.00241EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.3 views

PT-2026-22980

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to insufficient error checki...

8.6CVSS6AI score0.00354EPSS
Exploits0References1
OSV
OSV
added 2026/02/18 6:24 p.m.3 views

CVE-2026-20144

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the the Splunk internal index coul...

4.9CVSS5.8AI score0.00363EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/18 4:45 p.m.6 views

CVE-2026-20144

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster SHC deployment who holds a role with access to the the Splunk internal index coul...

6.8CVSS5.5AI score0.00363EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2026/01/26 9:30 p.m.2 views

GHSA-63V5-26VQ-M4VM Keycloak's missing timestamp validation allows attackers to extend SAML response validity periods

A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language SAML setup, it fails to validate the NotOnOrAfter timestamp within the SubjectConfirmationData. This allows an attacker to delay the expiration of SAML...

3.1CVSS5.8AI score0.00369EPSS
Exploits0References7
NVD
NVD
added 2026/01/26 8:16 p.m.10 views

CVE-2026-1190

A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language SAML setup, it fails to validate the NotOnOrAfter timestamp within the SubjectConfirmationData. This allows an attacker to delay the expiration of SAML...

3.1CVSS0.00369EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/26 7:36 p.m.19 views

CVE-2026-1190 Org.keycloak/keycloak-services: keycloak saml brokering: response delay due to unchecked notonorafter in subjectconfirmationdata

A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup Language SAML setup, it fails to validate the NotOnOrAfter timestamp within the SubjectConfirmationData. This allows an attacker to delay the expiration of SAML...

3.1CVSS0.00369EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 8:59 a.m.4 views

CVE-2023-50176

A session fixation in Fortinet FortiOS version 7.4.0 through 7.4.3 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.13 allows attacker to execute unauthorized code or commands via phishing SAML authentication link...

8.8CVSS7.7AI score0.00551EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/11/17 10:28 p.m.5 views

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

9.8CVSS6.1AI score0.00824EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/17 12:45 a.m.5 views

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

9.8CVSS6.1AI score0.00824EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/17 12:45 a.m.9 views

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

9.8CVSS6.1AI score0.00824EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/17 12:42 a.m.5 views

lasso: Type confusion in Entr'ouvert Lasso

A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.8.2 and prior. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability...

9.8CVSS6.1AI score0.00824EPSS
Exploits1References6
NVD
NVD
added 2025/11/05 3:15 p.m.2 views

CVE-2025-46784

A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...

7.5CVSS0.0046EPSS
Exploits1References2
OSV
OSV
added 2025/11/05 3:15 p.m.5 views

AZL-69857 CVE-2025-46705 affecting package lasso 2.8.0-1

A denial of service vulnerability exists in the gassertnotreached functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML assertion response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability...

7.5CVSS5.8AI score0.00444EPSS
Exploits1References1
OSV
OSV
added 2025/11/05 3:15 p.m.3 views

UBUNTU-CVE-2025-46784

A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...

7.5CVSS5.8AI score0.0046EPSS
Exploits1References4
OSV
OSV
added 2025/11/05 3:15 p.m.2 views

UBUNTU-CVE-2025-46404

A denial of service vulnerability exists in the lassoproviderverifysamlsignature functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a denial of service. An attacker can send a malformed SAML response to trigger this vulnerability...

7.5CVSS5.8AI score0.0046EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/15 3:30 p.m.3 views

EUVD-2025-34655

When the BIG-IP system is configured as both a Security Assertion Markup Language SAML service provider SP and Identity Provider IdP, with single logout SLO enabled on an access policy, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have...

7.1CVSS6.2AI score0.00357EPSS
Exploits0References2
CVE
CVE
added 2025/10/15 1:55 p.m.15 views

CVE-2025-47148

CVE-2025-47148 affects BIG-IP with APM/SSL Orchestrator when configured as both SAML SP and IdP with SLO enabled; undisclosed requests can cause memory resource exhaustion, leading to DoS on the BIG-IP data plane. F5’s October 2025 security bundle K000156572 provides fixes across multiple branche...

7.1CVSS6.4AI score0.00357EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder