5 matches found
PT-2026-47650
Name of the Vulnerable Software and Affected Versions Spring Framework versions 7.0.0 through 7.0.7 Spring Framework versions 6.2.0 through 6.2.18 Spring Framework versions 6.1.0 through 6.1.27 Spring Framework versions 5.3.0 through 5.3.48 Description A WebFlux application with a compromised...
CVE-2025-24894
CVE-2025-24894 concerns SPID.AspNetCore.Authentication (AspNetCore Remote Authenticator for SPID). The vulnerability arises from insufficient validation of SAML response signatures in VerifySignature(), which may allow an attacker to impersonate any SPID/CIE user by injecting a valid signature in...
CVE-2024-55225
An issue in the component src/api/identity.rs of Vaultwarden prior to v1.32.5 allows attackers to impersonate users, including Administrators, via a crafted authorization request...
CVE-2013-2258
Cryptocat before 2.0.22 has Nickname User Impersonation...
PT-2019-2081 · Palo Alto Networks · Globalprotect Agent
Name of the Vulnerable Software and Affected Versions: GlobalProtect Agent version 4.1.0 for Windows GlobalProtect Agent versions 4.1.10 and earlier for macOS Description: The issue is related to weaknesses in the authentication procedure of the GlobalProtect Agent, which may allow a local...