38 matches found
Critical: lasso security update
The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of SAML-based federations and provides bindings for multiple languages. Security Fixes: lasso: Type...
Zero Trust Security Model Implementation in Microservices Architectures Using Identity Federation
The rapid expansion of microservices has altered application architectures, offering agility and scalability in exchange for added security complexity. Weak legacy perimeter-based policies cannot safeguard distributed...
Siemens Industrial Edge Devices Weak Authentication (CVE-2024-54092)
Affected devices do not properly enforce user authentication on specific API endpoints when identity federation is used. This could allow an unauthenticated remote attacker to circumvent authentication and impersonate a legitimate user. Successful exploitation requires that identity federati...
EUVD-2016-0448
Malware in sbrugna...
EUVD-2016-0439
Malware in sbrugna...
EUVD-2025-10345
Malicious code in bioql PyPI...
php-saml
This is a PHP library for implementing SAML (Security Assertion Markup Language) authentication and authorization. It is a toolkit for adding SAML support to PHP software. The library is compatible with PHP 5.3.2 and later versions, and it uses the xmlseclibs library for XML encryption and...
CVE-2024-54092
A vulnerability has been identified in Industrial Edge Device Kit - arm64 V1.17 All versions, Industrial Edge Device Kit - arm64 V1.18 All versions, Industrial Edge Device Kit - arm64 V1.19 All versions, Industrial Edge Device Kit - arm64 V1.20 All versions V1.20.2-1, Industrial Edge Device Kit -...
CVE-2024-54092
CVE-2024-54092 affects Siemens Industrial Edge Devices (multiple ARM64/x86-64 SKUs, IEOD, IEVD, SCALANCE LPE9413, SIMATIC IPC devices). The root issue is improper enforcement of user authentication on specific API endpoints when identity federation is used, allowing an unauthenticated remote atta...
Siemens Industrial Edge Devices Security Vulnerability
Siemens Industrial Edge Devices is a family of industrial edge devices from Siemens, Germany, used for field data processing and intelligent control. A security vulnerability exists in Siemens Industrial Edge Devices that stems from a failure to properly implement user authentication when using...
PT-2025-15395 · Siemens · Scalance Lpe9413 +9
Name of the Vulnerable Software and Affected Versions: Industrial Edge Device Kit - arm64 versions V1.17 through V1.20.2-1, V1.21 versions prior to V1.21.1-1; Industrial Edge Device Kit - x86-64 versions V1.17 through V1.20.2-1, V1.21 versions prior to V1.21.1-1; Industrial Edge Own Device IEOD...
IBM Security Verify Access Authorization Issues Vulnerability
IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated acce...
IBM Security Verify Access Appliance Denial of Service Vulnerability
IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. The service enables secure and simple access to platforms such as the Web, mobile, IoT and cloud using risk-based access, single sign-on, integrated access management controls...
IBM Security Verify Access Appliance Security Vulnerability
IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated acce...
IBM Security Verify Access Appliance and IBM Application Gateway Information Disclosure Vulnerability
IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. The service enables secure and simple access to platforms such as the Web, mobile, IoT and cloud using risk-based access, single sign-on, integrated access management controls...
IBM Security Verify Access Information Disclosure Vulnerability (CNVD-2024-16916)
IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. The service enables secure and simple access to platforms such as the Web, mobile, IoT and cloud using risk-based access, single sign-on, integrated access management controls...
IBM Security Verify Access Denial of Service Vulnerability
IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. The service enables secure and simple access to platforms such as the Web, mobile, IoT and cloud using risk-based access, single sign-on, integrated access management controls...
ADFS Relying Party Trusts Disclosure
Microsoft Active Directory Federation Services (ADFS) is a very popular Single Sign On (SSO) feature offering identity federation to organizations. An ADFS server can be configured to show a login page to connect to corporate applications directly from this Identity Provider (IdP). When enabled, this w...