9 matches found

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2021-0210

Malware in sbrugna...

CVSS 6.5 | AI score 6.9 | EPSS 0.0014
Exploits: 0 | References: 9

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2024-32396

Malicious code in bioql PyPI...

CVSS 8.6 | AI score 6.6 | EPSS 0.00178
Exploits: 0 | References: 1

Tenable Nessus
added 2025/08/27 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2021-21238

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability...

CVSS 6.5 | AI score 6.9 | EPSS 0.0014
Exploits: 0 | References: 2

Veracode
added 2025/03/12 10:46 a.m. | 10 views

Authentication Bypass

github.com/fleetdm/fleet is vulnerable to Authentication Bypass. The vulnerability is due to insufficient validation of SAML authentication assertions, allowing an attacker to forge responses and create unauthorized accounts if Just-In-Time (JIT) provisioning or MDM enrollment is enabled...

CVSS 9.3 | AI score 6.9 | EPSS 0.00142
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2024/07/02 3:49 p.m. | 17 views

CVE-2024-3826 Broken SAML Validation

In versions of Akana prior to and including 2022.1.3, validation is broken when using the SAML Single Sign-On (SSO) functionality...

CVSS 8.6 | EPSS 0.00178
Exploits: 0 | References: 1

Cvelist
added 2022/01/11 10:10 p.m. | 14 views

CVE-2021-43999 Improper validation of SAML responses

Apache Guacamole 1.2.0 and 1.3.0 do not properly validate responses received from a SAML identity provider. If SAML support is enabled, this may allow a malicious user to assume the identity of another Guacamole user...

AI score 8.8 | EPSS 0.01358
Exploits: 0 | References: 2

OSV
added 2021/01/21 3:15 p.m. | 1 view

UBUNTU-CVE-2021-21238

PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents are impacted. The vulnerability is a variant of XML Signature wrapping...

CVSS 6.5 | AI score 7.1 | EPSS 0.0014
Exploits: 0 | References: 5

Debian CVE
added 2017/02/16 6:0 p.m. | 22 views

CVE-2016-9814

The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service (memory consumption) by leveraging...

CVSS 9.1 | AI score 9.2 | EPSS 0.00825
Exploits: 0

RedHat Linux
added 2015/05/14 3:14 p.m. | 3 views

CXF: The SecurityTokenService accepts certain invalid SAML Tokens as valid

It was found that the SecurityTokenService (STS), provided as a part of Apache CXF, could under certain circumstances accept invalid SAML tokens as valid. A remote attacker could use a specially crafted SAML token to gain access to an application that uses STS for validation of SAML tokens...

CVSS 4.3 | AI score 7.3 | EPSS 0.01861
Exploits: 0 | References: 4