Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2018/03/05 12:0 a.m.34 views

Debian DSA-4127-1 : simplesamlphp - security update

Several vulnerabilities have been discovered in SimpleSAMLphp, a framework for authentication, primarily via the SAML protocol. - CVE-2017-12867 Attackers with access to a secret token could extend its validity period by manipulating the prepended time offset. - CVE-2017-12869 When using the...

9.8CVSS7.4AI score0.03111EPSS
Exploits1References23
Debian
Debian
added 2018/03/02 6:15 a.m.23 views

[SECURITY] [DSA 4127-1] simplesamlphp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4127-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst March 02, 2018 https://www.debian.org/security/faq -...

7.5CVSS1.4AI score0.03111EPSS
Exploits1
OpenVAS
OpenVAS
added 2018/03/01 12:0 a.m.44 views

Debian: Security Advisory (DSA-4127-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.03111EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2018/02/20 12:0 a.m.19 views

Debian: Security Advisory (DLA-1273-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.03111EPSS
Exploits1References3
Debian
Debian
added 2018/02/09 3:11 a.m.21 views

[SECURITY] [DLA 1273-1] simplesamlphp security update

Package : simplesamlphp Version : 1.9.2-1+deb7u2 CVE ID : CVE-2017-18121 CVE-2017-18122 CVE-2018-6521 Debian Bug : 889286 simplesamlphp, an authentication and federation application has been found vulnerable to Cross Site Scripting XSS, signature validation byepass and using insecure connection...

9.8CVSS7.9AI score0.03111EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/02/09 12:0 a.m.25 views

Debian DLA-1273-1 : simplesamlphp security update

simplesamlphp, an authentication and federation application has been found vulnerable to Cross Site Scripting XSS, signature validation byepass and using insecure connection charset. CVE-2017-18121 A Cross Site Scripting XSS issue has been found in the consentAdmin module of SimpleSAMLphp through...

9.8CVSS6.8AI score0.03111EPSS
Exploits1References5
CVE
CVE
added 2018/02/02 3:0 p.m.74 views

CVE-2017-18121

CVE-2017-18121 affects SimpleSAMLphp’s consentAdmin module (up to version 1.14.15); it enables cross-site scripting via crafted links that execute arbitrary JavaScript in the victim’s browser. Debian advisories and Nessus plugins indicate fixes were released (e.g., 1.14.11-1+deb9u1 for Stretch, 1...

6.1CVSS6.3AI score0.01223EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder