43 matches found
EUVD-2025-4791
Malicious code in bioql PyPI...
CVE-2025-24895
CIE.AspNetCore.Authentication is an AspNetCore Remote Authenticator for CIE 3.0. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: 1. Identity Provider (IDP): the system that authenticates users and provides identity information (SAML affirmation) to the...
CVE-2025-24895 SAML Response Signature Verification Bypass in CIE.AspNetCore.Authentication
CIE.AspNetCore.Authentication is an AspNetCore Remote Authenticator for CIE 3.0. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: 1. Identity Provider (IDP): the system that authenticates users and provides identity information (SAML affirmation) to the...
CVE-2025-24895
CVE-2025-24895 describes a SAML signature verification bypass in the CIE.AspNetCore.Authentication SP component for SPID/CIE. The issue arises because the first signature in a SAML response is not guaranteed to refer to the root object; an attacker could inject an item signed as the first element...
AspNetCore Remote Authenticator for CIE3.0 authorization issue vulnerability
AspNetCore Remote Authenticator for CIE3.0 is an open source AspNetCore Remote Authenticator for CIE 3.0 by Developers Italia. An authorization issue vulnerability exists in AspNetCore Remote Authenticator for CIE3.0 that stems from not properly verifying the signature of a SAML response. An...
CVE-2024-3383
A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your...
WordPress esb-csv-import-export plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language; the platform supports setting up a personal blog site on PHP and MySQL servers. The esb-csv-import-export plugin is one of its plug-ins, used for importing and exporting CSV files. A...
CVE-2017-17753
Multiple cross-site scripting (XSS) vulnerabilities in the esb-csv-import-export plugin through 1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) cietype, (2) cieimport, (3) cieupdate, or (4) cieignore parameter to includes/admin/views/esb-cie-import-export-page.ph...
coulon-cie.pagesperso-orange.fr Open Redirect vulnerability
Vulnerable URL: http://coulon-cie.pagesperso-orange.fr/flashdetection.swf?flashContentURL=https://openbugbounty.org Details: Patched: Verification in progress; Latest check for patch: 07.01.2018; Vulnerability type: Open Redirect; Vulnerability status: Publicly disclos...
cie.co.at XSS vulnerability
Open Bug Bounty ID: OBB-258109; Affected Website: cie.co.at; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
CVE-2016-5601
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components...
Unspecified Vulnerability in Oracle Fusion Middleware Oracle WebLogic Server Component (CNVD-2016-10057)
Oracle Fusion Middleware is a business innovation platform for enterprise and cloud environments from Oracle. The platform provides middleware, software collections, etc. Oracle WebLogic Server is one of the application server components for cloud and traditional...
libtiff: Out-of-bounds when reading CIE Lab image format files
The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image...
FreeBSD : tiff -- out-of-bounds read in CIE Lab image format (b65e4914-b3bc-11e5-8255-5453ed2e2b49)
zzf of Alibaba discovered an out-of-bounds vulnerability in the code processing the LogLUV and CIE Lab image format files. An attacker could create a specially crafted TIFF file that could cause libtiff to crash.
tiff -- out-of-bounds read in CIE Lab image format
zzf of Alibaba discovered an out-of-bounds vulnerability in the code processing the LogLUV and CIE Lab image format files. An attacker could create a specially-crafted TIFF file that could cause libtiff to crash...
CVE-2014-6569
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality via vectors related to CIE Related Components...