5 matches found
CVE-2025-59718
An improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14,...
PT-2025-50119
Name of the Vulnerable Software and Affected Versions: Fortinet FortiWeb versions 7.4.0 through 7.4.9; Fortinet FortiWeb versions 7.6.0 through 7.6.4; Fortinet FortiWeb version 8.0.0. Description: An improper verification of cryptographic signature exists in the SAML Response Message Handler. This can...
Mattermost Server Authorization Issues Vulnerability (CNVD-2020-41176)
Mattermost Server is an open source messaging platform from the United States company Mattermost. A security vulnerability exists in Mattermost Server versions prior to 4.7.0, 4.6.2, and 4.5.2. The vulnerability can be exploited by an attacker to log in as any other user with the help of a...
CVE-2019-11066
openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method...
Bypassing Signature Validation
simplesamlphp is vulnerable to bypassing signature validation. There is a flaw in signature verification on SAML assertions which allows construction of a crafted SAML assertion on behalf of an Identity Provider. Consequently, an attacker can impersonate a user from that Identity Provider...