Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2018:0720-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.02192EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2018/03/22 12:0 a.m.26 views

Shibboleth XMLTooling-C Library < 1.6.4 Security Bypass Vulnerability

Shibboleth Service Provider is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.5CVSS6.8AI score0.02192EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/03/19 12:0 a.m.36 views

openSUSE Security Update : xmltooling (openSUSE-2018-276)

This update for xmltooling fixes the following issues : - CVE-2018-0489: Fixed a security bug when xmltooling mishandled digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists...

6.5CVSS6.3AI score0.02192EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2018/03/19 12:0 a.m.47 views

SUSE SLES12 Security Update : xmltooling (SUSE-SU-2018:0720-1)

This update for xmltooling fixes the following issues : - CVE-2018-0489: Fixed a security bug when xmltooling mishandled digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists...

6.5CVSS6.3AI score0.02192EPSS
Exploits2References6
RedhatCVE
RedhatCVE
added 2018/03/09 4:19 a.m.30 views

CVE-2018-0489

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this...

8.1CVSS5.5AI score0.02192EPSS
Exploits2References1
OSV
OSV
added 2018/02/27 3:29 p.m.7 views

CVE-2018-0489

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this...

6.5CVSS6.6AI score
Exploits0References6
Debian CVE
Debian CVE
added 2018/02/27 3:0 p.m.28 views

CVE-2018-0489

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this...

6.5CVSS5.5AI score0.02192EPSS
Exploits0
CVE
CVE
added 2018/02/27 3:0 p.m.108 views

CVE-2018-0489

CVE-2018-0489 concerns the xmltooling library (XMLTooling-C) used by Shibboleth Service Provider and related products. The vulnerability arises in versions of xmltooling before 1.6.4 where digital signatures of user data are mishandled, enabling remote attackers to obtain sensitive information or...

6.5CVSS6.5AI score0.02192EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder