31 matches found
EUVD-2020-0357
Malware in sbrugna...
EUVD-2013-4411
Malware in sbrugna...
EUVD-2020-0272
Malware in sbrugna...
EUVD-2020-0271
Malware in sbrugna...
EUVD-2020-0265
Malware in sbrugna...
EUVD-2020-0249
Malware in sbrugna...
EUVD-2022-1634
Malicious code in bioql PyPI...
EUVD-2022-3924
Malicious code in bioql PyPI...
EUVD-2022-2546
Malicious code in bioql PyPI...
EUVD-2022-3280
Malicious code in bioql PyPI...
EUVD-2022-3835
Malicious code in bioql PyPI...
EUVD-2022-5314
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-6520
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SimpleSAMLphp before 1.15.2 allows remote attackers to bypass an open redirect protection mechanism via crafted authority data in a URL. CVE-2018-6520 Note that...
Linux Distros Unpatched Vulnerability : CVE-2017-12868
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct...
Linux Distros Unpatched Vulnerability : CVE-2017-12874
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The InfoCard module 1.0 for SimpleSAMLphp allows attackers to spoof XML messages by leveraging an incorrect check of return values in signature validation...
Linux Distros Unpatched Vulnerability : CVE-2016-9955
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SimpleSAMLXMLValidator class constructor in SimpleSAMLphp before 1.14.11 might allow remote attackers to spoof signatures on SAML 1 responses or possibly...
Linux Distros Unpatched Vulnerability : CVE-2017-12870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and...
Linux Distros Unpatched Vulnerability : CVE-2018-6521
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sqlauth module in SimpleSAMLphp before 1.15.2 relies on the MySQL utf8 charset, which truncates queries upon encountering four-byte characters. There might...
CVE-2020-5301
SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in SimpleSAML\Module that processes requests for pages hosted by modules has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the...
Signature Confusion Attack
simplesamlphp/saml2 is vulnerable to a Signature Confusion Attack. The vulnerability is due to improper validation in the HTTP-Redirect binding, which allows an attacker with any signed SAMLResponse to trick the application into accepting an unsigned message...