67 matches found
PT-2026-53861
Name of the Vulnerable Software and Affected Versions Rancher versions 2.14.0 through 2.14.2 Rancher versions 2.13.0 through 2.13.6 Rancher versions 2.12.0 through 2.12.10 Rancher versions 2.11.0 through 2.11.14 Description A SAML authentication replay issue exists in the Assertion Consumer Servi...
CVE-2026-25922 authentik has a Signature Verification Bypass via SAML Assertion Wrapping
authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...
CVE-2020-12676
FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack"...
CVE-2023-29129
A vulnerability has been identified in Mendix SAML Mendix 7 compatible All versions = V1.17.3 = V1.16.4 = V2.3.0 = V2.2.0 = V3.3.1 = V3.1.9 = V3.3.0 = V3.1.8 = V3.3.1 = V3.3.0 = V3.1.9 = V3.1.8 V3.2.6. The affected versions of the module insufficiently verify the SAML assertions. This could allow...
CVE-2025-54369
Node-SAML is a SAML library not dependent on any frameworks that runs in Node. In versions 5.0.1 and below, Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify...
CVE-2025-54369 Node-SAML SAML Authentication Bypass
Node-SAML is a SAML library not dependent on any frameworks that runs in Node. In versions 5.0.1 and below, Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify...
EUVD-2012-5274
Malware in sbrugna...
EUVD-2015-6196
Malware in sbrugna...
EUVD-2020-5669
Malware in sbrugna...
EUVD-2020-4972
Malware in sbrugna...
EUVD-2012-5273
Malware in sbrugna...
EUVD-2021-15749
Malware in sbrugna...
EUVD-2015-0290
Malware in sbrugna...
EUVD-2018-17318
Malware in sbrugna...
EUVD-2023-32732
Malicious code in bioql PyPI...
EUVD-2022-2731
Malicious code in bioql PyPI...
EUVD-2022-31051
Malicious code in bioql PyPI...
node-saml 安全漏洞
node-saml is a SAML library that does not depend on any framework running in Node.js. A security vulnerability exists in node-saml version 5.0.1 that stems from not properly validating SAML assertions, which could lead to an authentication bypass...
PT-2025-31149
Name of the Vulnerable Software and Affected Versions: Node-SAML versions 5.0.1 and below Description: Node-SAML improperly loads the assertion from the unsigned original response document, differing from the parts verified during signature checking. This allows modification of authentication...
CVE-2020-13415
An issue was discovered in Aviatrix Controller through 5.1. An attacker with any signed SAML assertion from the Identity Provider can establish a connection even if that SAML assertion has expired or is from a user who is not authorized to access Aviatrix, aka XML Signature Wrapping...