CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

Snyk•added 2026/05/19 10:42 a.m.•10 views

Improper Validation of Syntactic Correctness of Input

Overview org.keycloak:keycloak-saml-core is an Identity and Access Management plugin for Keycloak. Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the SAMLParser and SAML11ParserUtil code paths that handle SAML 1.1 assertions and protoc...

8.7CVSS5.9AI score0.00059EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-0211

Malware in sbrugna...

6.5CVSS6.9AI score0.0068EPSS

Exploits3References12

Cvelist•added 2025/07/28 7:47 p.m.•7 views

CVE-2025-54419 Node-SAML Contains SAML Signature Verification Vulnerability

A SAML library not dependent on any frameworks that runs in Node. In version 5.0.1, Node-SAML loads the assertion from the unsigned original response document. This is different than the parts that are verified when checking signature. This allows an attacker to modify authentication details with...

10CVSS0.00137EPSS

Exploits0References3

Cvelist•added 2025/03/28 12:0 a.m.•12 views

CVE-2025-31335

The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures...

4CVSS0.00112EPSS

Exploits0References4

BDU FSTEC•added 2024/04/11 12:0 a.m.•2 views

The vulnerability of the authentication library for exchanging identification data according to the SAML2 standard, related to improper verification of the cryptographic signature, allows a perpetrator to bypass the signature verification and gain access to protected information.

The vulnerability of the authentication library for exchanging identification data according to the SAML2 standard, implemented by PySAML2, is related to the XML signature encoding scheme used. This scheme does not verify whether the SAML document conforms to the XML schema. Exploiting this...

7.8CVSS6.9AI score0.0014EPSS

Exploits0References5Affected Software2

SUSE CVE•added 2023/02/15 3:46 a.m.•1 views

SUSE CVE-2021-21238

PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents are impacted. The vulnerability is a variant of XML Signature wrapping...

6.5CVSS7.6AI score0.0014EPSS

Exploits0References5

Tenable Nessus•added 2021/09/08 12:0 a.m.•26 views

Ubuntu 18.04 LTS / 20.04 LTS : PySAML2 vulnerability (USN-5066-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5066-1 advisory. Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML...

6.5CVSS7.1AI score0.0068EPSS

Exploits3References2

OpenVAS•added 2021/02/27 12:0 a.m.•17 views

Debian: Security Advisory (DLA-2577-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.02083EPSS

Exploits3References4

OSV•added 2021/01/21 3:15 p.m.•25 views

CVE-2021-21239

PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default CryptoBackendXmlSec1 backend and need to verify signed SAML documents are impacted. PySAML2 does no...

6.5CVSS6.2AI score

Exploits0References6