Lucene search
K

71 matches found

NVD
NVD
added 6 days ago8 views

CVE-2026-44946

A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service ACS handler did not enforce one-time use of SAML assertion, potentially allowing person in the middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3,...

9.5CVSS0.00291EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 10:9 p.m.22 views

CVE-2026-54588

Poweradmin (for PowerDNS) is affected by a Host Header Injection vulnerability in auth flows. Versions prior to 4.2.4 and 4.3.3 use the HTTP_HOST header as the authoritative source for building OIDC redirect_uri, SAML ACS/SLO URLs, and logout redirects without validation. An unauthenticated attac...

9.6CVSS6AI score0.00312EPSS
Exploits0References3
CVE
CVE
added 2026/06/23 3:59 p.m.18 views

CVE-2026-13007

Tenable Identity Exposure exposes multiple unauthenticated API endpoints under /w/api/* that return sensitive configuration data (cleartext LDAP credentials, SAML config, user accounts, directory settings). Responses are served with Cache-Control: public and without Vary: Cookie, enabling reverse...

8.7CVSS5.9AI score0.00432EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.11 views

Spring Security 加密问题漏洞

Spring Security is a security framework developed by Spring OpenSource that includes authentication and authorization features. Spring Security has a data manipulation vulnerability, which stems from SAML decryption of SAML responses, as well as SAML logout requests and logout responses whose...

5.3CVSS5.8AI score0.00137EPSS
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2026/06/09 12:0 a.m.6 views

CVE-2026-40988: Unbounded DEFLATE Inflation in SAML 2.0 Service Provider

An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates the compressed SAML payload into memory...

7.5CVSS5.2AI score0.00331EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 3:54 p.m.9 views

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to Missing XML Validation CVE-2026-1190

Summary keycloak is used by the IBM Datapower Operations Dashboard as part of their IAM and SSO implementation Vulnerability Details CVEID:CVE-2026-1190 DESCRIPTION: A flaw was found in Keycloak's SAML brokering functionality. When Keycloak is configured as a client in a Security Assertion Markup...

3.1CVSS5.4AI score0.00369EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/05/28 5:16 p.m.14 views

CVE-2026-9098

In Casdoor versions 2.362.0 and earlier, the SAML callback handler in controllers/auth.go accepts any well-formed SAMLResponse sent to /api/acs without verifying that it corresponds to an AuthnRequest previously issued by Casdoor. Additionally, if an administrator disables or deletes an IdP...

9.1CVSS0.0023EPSS
Exploits0References1
CVE
CVE
added 2026/05/11 5:40 p.m.20 views

CVE-2026-42860

The CVE-2026-42860 issue affects Open edX Openedx Enterprise Service (edx-enterprise). From 7.0.2 through 7.0.4, the sync_provider_data endpoint retrieves SAML metadata from a URL stored in SAMLProviderConfig.metadata_source. An authenticated Enterprise Admin can PATCH this field to an arbitrary ...

8.5CVSS5.9AI score0.00301EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.9 views

Admidio 数据伪造问题漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Prior to Admidio 5.0.9, there was a data manipulation vulnerability. This vulnerability stemm...

8.2CVSS5.7AI score0.00191EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/03/27 5:49 p.m.182 views

Exploit for CVE-2026-3055

CVE-2026-3055 - Security Vulnerability Severity: N/A CV...

9.3CVSS6.1AI score0.83996EPSS
Exploits7
Github Security Blog
Github Security Blog
added 2026/03/23 12:30 p.m.10 views

esaml XXE vulnerability allows local file disclosure and SSRF via crafted SAML messages

XML External Entity XXE vulnerability in esaml and its forks allows an attacker to cause the system to read local files and incorporate their contents into processed SAML documents, and potentially perform SSRF via crafted SAML messages. esaml parses attacker-controlled SAML messages using...

6.3CVSS5.8AI score0.00281EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/18 1:14 a.m.4 views

CVE-2026-2092 Keycloak-services: keycloak: unauthorized access via improper validation of encrypted saml assertions

A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language SAML broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. Thi...

7.7CVSS5.9AI score0.00241EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/18 1:14 a.m.5 views

CVE-2026-2092

A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language SAML broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. Thi...

7.7CVSS5.9AI score0.00241EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/03/15 12:7 p.m.3 views

SUSE CVE-2017-18909

An issue was discovered in Mattermost Server before 3.9.0 when SAML is used. Encryption and signature verification are not mandatory...

7.5CVSS5.8AI score0.00656EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/05 6:28 p.m.6 views

CVE-2026-3047

A flaw was found in org.keycloak.broker.saml. When a disabled Security Assertion Markup Language SAML client is configured as an Identity Provider IdP-initiated broker landing target, it can still complete the login process and establish a Single Sign-On SSO session. This allows a remote attacker...

8.8CVSS5.9AI score0.00469EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/04 5:19 p.m.4 views

CVE-2026-20101

A vulnerability in the SAML 2.0 single sign-on SSO feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to insufficient error checki...

8.6CVSS6AI score0.00354EPSS
Exploits0References2Affected Software2
EUVD
EUVD
added 2025/12/09 5:24 p.m.6 views

EUVD-2025-202168

SAML PHP Toolkit Vulnerability on xmlseclibs CVE-2025-66475...

6.4AI score
Exploits0References6
Cvelist
Cvelist
added 2025/11/05 2:56 p.m.8 views

CVE-2025-46784

A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerabili...

7.5CVSS0.0046EPSS
Exploits1References1
CVE
CVE
added 2025/11/05 2:56 p.m.26 views

CVE-2025-46784

The connected advisories confirm CVE-2025-46404, CVE-2025-46705, CVE-2025-46784 and CVE-2025-47151 affect the lasso library (Entr'ouvert Lasso / liblasso) used for Liberty/SAML processing. Descriptions show a mix of denial-of-service via malformed SAML responses causing memory depletion or crashe...

7.5CVSS6.5AI score0.0046EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-10242

Malware in sbrugna...

6.1CVSS6.3AI score0.01211EPSS
Exploits0References3
Rows per page
Query Builder