EUVD-2025-12431

Malicious code in bioql PyPI...

CVE-2024-11208

A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login?service. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather high. The exploitati...

CVE-2025-3986

A vulnerability was found in Apereo CAS 5.2.6. It has been declared as problematic. This vulnerability affects unknown code of the file cas-5.2.6\core\cas-server-core-configuration-metadata-repository\src\main\java\org\apereo\cas\metadata\rest\CasConfigurationMetadataServerController.java. The...

CAS <= 1.0.0 - Unauthenticated SSRF

Description The plugin does not validate a parameter before making a request to it, which could allow unauthenticated users to perform SSRF attack https://example.com/wp-content/themes/cas/download.php?path=http://127.0.0.1:8080...

The vulnerability of the implementations of CAS, SAML, and OpenID Connect protocols in the web application for deploying distributed social networks like Mastodon allows attackers to circumvent security restrictions and gain access to user accounts.

The vulnerability of the implementation of CAS, SAML, and OpenID Connect protocols in the web application for deploying distributed social networks like Mastodon is related to deficiencies in the authentication process due to changes in the email address during login to the system. Exploiting thi...