Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

120 matches found

CNNVD
CNNVDadded 2025/12/09 12:0 a.m.1 views

OneLogin ruby-saml 数据伪造问题漏洞

Onelogin OneLogin ruby-saml is a Ruby-based SAML Security Assertion Markup Language library for Single Sign-On SSO services from Onelogin, USA. A data forgery issue vulnerability exists in OneLogin ruby-saml version 1.12.4 and earlier, which stems from XML parsing differences and could lead to...

9.3CVSS7.8AI score0.0005EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2016-1922

Malware in sbrugna...

7.5CVSS7.6AI score0.00682EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2019-0609

Malware in sbrugna...

9.8CVSS8.5AI score0.0058EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2019-0118

Malware in sbrugna...

9.8CVSS8.5AI score0.04554EPSS
Exploits1References8
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-19635

Malicious code in bioql PyPI...

10CVSS6.6AI score0.00361EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-19636

Malicious code in bioql PyPI...

5.7CVSS6.6AI score0.00066EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2025-19634

Malicious code in bioql PyPI...

9CVSS6.6AI score0.00364EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-19689

Malicious code in bioql PyPI...

5CVSS6.6AI score0.00113EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-29110

Malicious code in bioql PyPI...

7.7CVSS6.8AI score0.00069EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-21947

Malicious code in bioql PyPI...

4CVSS6.6AI score0.00168EPSS
Exploits0References2
NVD
NVDadded 2025/09/14 5:15 a.m.2 views

CVE-2025-59363

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 even though this secret should only be returned when an App is first created,...

7.7CVSS0.00069EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/09/14 12:0 a.m.7 views

CVE-2025-59363

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 even though this secret should only be returned when an App is first created,...

7.7CVSS0.00069EPSS
Exploits0References1
CVE
CVEadded 2025/09/14 12:0 a.m.22 views

CVE-2025-59363

In One Identity OneLogin prior to 2025.3.0, the GET /api/2/apps endpoint returned OIDC client_secret values alongside app metadata, enabling disclosure of sensitive credentials. This is caused by excessive data being returned by the Apps API v2 and constitutes a breach of confidentiality for OIDC...

7.7CVSS6.5AI score0.00069EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/09/14 12:0 a.m.1 views

One Identity OneLogin 安全漏洞

One Identity OneLogin is an identity and access management software from US-based One Identity. A security vulnerability exists in One Identity OneLogin versions prior to 2025.3.0, which stems from the GET Apps API v2 returning OIDC client keys, which could lead to the disclosure of sensitive...

7.7CVSS6.5AI score0.00069EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/09/14 12:0 a.m.2 views

CVE-2025-59363

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 even though this secret should only be returned when an App is first created,...

7.7CVSS6.4AI score0.00069EPSS
Exploits0References1
Gitee
Giteeadded 2025/09/06 2:15 a.m.76 views

php-saml

This is a PHP SAML toolkit for adding SAML support to PHP software. It is a library provided and supported by OneLogin Inc. The library is compatible with PHP versions greater than 7.1. The library includes features such as: Support for SAML 2.0 Support for SAML 1.1 Support for SAML 1.0 Support f...

7AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/07/21 12:8 a.m.3 views

CVE-2025-52924

In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header...

4CVSS7.2AI score0.00168EPSS
Exploits0References1
NVD
NVDadded 2025/07/19 3:15 a.m.3 views

CVE-2025-52924

In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header...

4CVSS0.00168EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/07/19 12:0 a.m.3 views

CVE-2025-52924

In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on the value of an untrusted X-RequestId HTTP request header...

4CVSS7AI score0.00168EPSS
Exploits0References2
CVE
CVEadded 2025/07/19 12:0 a.m.14 views

CVE-2025-52924

CVE-2025-52924 affects One Identity OneLogin before 2025.2.0, where the SQL connection “application name” is derived from an untrusted X-RequestId header. This can lead to information disclosure about the SQL connection name. Affected: OneLogin prior to 2025.2.0. Impact per sources: low confident...

4CVSS7.8AI score0.00168EPSS
Exploits0References2
Rows per page
Query Builder