Lucene search
K

3786 matches found

Nuclei
Nuclei
added 4 hours ago30 views

SolarWinds Web Help Desk - Authentication Bypass

SolarWinds Web Help Desk 12.8.8 HF1 and earlier contains an authentication bypass vulnerability in the WebObjects session handling. By crafting a request with a manipulated path component to an internal admin page endpoint, an unauthenticated attacker can access privileged administrative function...

9.8CVSS7.4AI score0.8413EPSS
Exploits5References4
Nuclei
Nuclei
added 4 hours ago77 views

Keycloak - SAML Core Package Signature Validation Flaw

A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Referen...

7.7CVSS6.7AI score0.0203EPSS
Exploits0References5
Nuclei
Nuclei
added 4 hours ago208 views

Apache CloudStack - SAML Signature Exclusion

The CloudStack SAML authentication disabled by default does not enforce signature check. In CloudStack environments where SAML authentication is enabled, an attacker that initiates CloudStack SAML single sign-on authentication can bypass SAML authentication by submitting a spoofed SAML response...

8.1CVSS7.2AI score0.1776EPSS
Exploits1References5
EUVD
EUVD
added yesterday5 views

EUVD-2026-42532

An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who...

7.1CVSS6AI score0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added yesterday13 views

CVE-2026-31982 Open Redirect in SAML Single Sign-On in Guardian/CMC before 26.2.0

An Open Redirect vulnerability was discovered in the SAML Single Sign-On functionality due to insufficient validation of a user-controlled redirection parameter. An unauthenticated attacker can craft a request to the SAML sign-in endpoint and poison the cached SAML redirection for other users who...

7.1CVSS0.00167EPSS
Exploits0References1
NVD
NVD
added 2 days ago5 views

CVE-2026-54782

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML 1.1 and SAML 2.0 token validation does not correctly resolve the issuer signing key or require signed tokens when IdentityConfiguration is used with federated binding...

10CVSS0.00246EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-54782 CoreWCF: Authentication bypass in CoreWCF SAML 1.1 / 2.0 token signature validation

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML 1.1 and SAML 2.0 token validation does not correctly resolve the issuer signing key or require signed tokens when IdentityConfiguration is used with federated binding...

10CVSS0.00246EPSS
Exploits0References6
CVE
CVE
added 2 days ago28 views

CVE-2026-54782

CVE-2026-54782 affects CoreWCF (CoreWCF.Primitives and related token validation path) where SAML 1.1/2.0 token validation fails to resolve the issuer signing key when IdentityConfiguration is used with federated bindings, allowing unauthenticated impersonation. Affected versions: prior to 1.8.1 a...

10CVSS6AI score0.00246EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago27 views

CVE-2026-54774 CoreWCF: SamlSerializer skips SignatureValue verification when SAML signing token is not an X.509 certificate

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, SamlSerializer skips final SignatureValue verification when a CoreWCF service validates SAML tokens using a non-X.509 signing token, allowing an attacker to reference a non-X.509...

7.4CVSS0.0015EPSS
Exploits0References6
CVE
CVE
added 2 days ago14 views

CVE-2026-54774

CoreWCF (CoreWCF.Primitives and related components) is affected by CVE-2026-54774 where SamlSerializer may skip final SignatureValue verification when validating SAML tokens signed with a non-X.509 issuer token. The vulnerability arises when an out-of-band token resolver provides a non-X.509 Secu...

7.4CVSS5.9AI score0.0015EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-54779 CoreWCF: SAML token replay protection is inoperative

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML token replay protection is inoperative because DefaultTokenReplayCache.TryAdd does not reject duplicate tokens when DetectReplayedTokens is enabled, allowing a captur...

5.9CVSS0.00268EPSS
Exploits0References6
CVE
CVE
added 2 days ago16 views

CVE-2026-54779

CoreWCF (Windows Communication Foundation port for .NET Core) has a SAML token replay protection flaw prior to versions 1.8.1 and 1.9.1. The issue arises because DefaultTokenReplayCache.TryAdd does not reject duplicate tokens when DetectReplayedTokens is enabled, allowing a captured token to be r...

5.9CVSS5.9AI score0.00268EPSS
Exploits0References6
Nuclei
Nuclei
added 2 days ago300 views

Ivanti Connect Secure - XXE

Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. id: CVE-2024-22024 info: name: Ivanti Connect Secure - XXE author: watchTowr severity: high description: | Ivanti Connect Secure is vulnerable to XXE XML External Entity injection. impact: | Successful exploitation of this...

8.3CVSS7.3AI score0.94721EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.7 views

NetScaler ADC and NetScaler Gateway Multiple Vulnerabilities (CTX696604)

The remote NetScaler ADC formerly Citrix ADC or NetScaler Gateway formerly Citrix Gateway device is version 13.1 prior to 13.1-63.18, 14.1 prior to 14.1-72.61, 13.1-FIPS/NDcPP prior to 13.1-37.272, or 14.1-FIPS prior to 14.1-72.61. It is, therefore, affected by multiple vulnerabilities: -...

9.8CVSS7.5AI score0.00502EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2026/07/01 12:0 a.m.5 views

The vulnerability of the authentication mechanism of the SAML-based NetScaler ADC controller (formerly Citrix ADC) and the NetScaler Gateway virtual environment access control system (formerly Citrix Gateway) allows a attacker to cause service interruptions.

The vulnerability of the SAML authentication mechanism for NetScaler ADC formerly Citrix ADC and the NetScaler Gateway virtual environment access control system formerly Citrix Gateway is related to reading data beyond the allowed range in memory. Exploiting this vulnerability could allow a...

9.7CVSS6.1AI score0.00502EPSS
Exploits1References3Affected Software3
CVE
CVE
added 2026/06/30 12:33 p.m.43 views

CVE-2026-8451

CVE-2026-8451 describes insufficient input validation in NetScaler ADC and NetScaler Gateway, causing a memory overread when configured as a SAML IDP. Affected products are NetScaler ADC and NetScaler Gateway; root cause is input validation weaknesses leading to memory overread. The CVSS metrics ...

8.8CVSS5.8AI score0.00502EPSS
In wildExploits1References1Affected Software2
Cvelist
Cvelist
added 2026/06/30 12:33 p.m.39 views

CVE-2026-8451 Insufficient input validation leading to memory overread

Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP...

8.8CVSS0.00502EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/30 12:14 p.m.34 views

CVE-2026-44946 SAML Authentication Replay in Rancher

A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service ACS handler did not enforce one-time use of SAML assertion, potentially allowing person in the middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3,...

9.5CVSS0.00291EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 12:14 p.m.35 views

CVE-2026-44946

CVE-2026-44946 describes a SAML authentication replay vulnerability in Rancher’s Assertion Consumer Service (ACS) handler, where one-time use of SAML assertions was not enforced. The issue can enable man‑in‑the‑middle style abuse against Rancher, affecting Rancher 2.14.0 up to (but not including)...

9.5CVSS5.8AI score0.00291EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/30 10:2 a.m.5 views

Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed in IBM Business Automation Manager Open Editions 9.5.0 Vulnerability Details CVEID:CVE-2026-33871 DESCRIPTION: Netty is an asynchronous, event-driven network application...

8.7CVSS6.8AI score0.01125EPSS
Exploits0Affected Software1
Rows per page
Query Builder