
7 matches found

Tenable Product Security Advisories
added 2025/09/30 4:32 p.m., 4 views

[R1] Stand-alone Security Patch Available for Tenable Security Center versions 6.5.1 and 6.6.0: SC-202509.2.1

Jason Schavel, Tue, 09/30/2025 - 12:32. Security Center leverages third-party software to help provide underlying functionality. One of the third-party components, SimpleSAML, was found to...

AI score: 7.1
Exploits: 0
Tenable Nessus
added 2025/08/25 12:0 a.m., 0 views

Linux Distros Unpatched Vulnerability : CVE-2017-12872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The (1) Htpasswd authentication source in the authcrypt module and (2) SimpleSAMLSession class in SimpleSAMLphp 1.14.11 and earlier allow remote attackers to conduc...

CVSS: 5.9, AI score: 6.6, EPSS: 0.00404
Exploits: 0, References: 2
Tenable Nessus
added 2021/09/03 12:0 a.m., 92 views

Tenable SecurityCenter < 5.19.0 Multiple XSS Vulnerabilities (TNS-2021-14)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is less than 5.19.0 and is therefore affected by multiple vulnerabilities in the following components:
- Bootstrap
- SimpleSAML

Note that successful exploitation of the most serious issues...

CVSS: 6.9, AI score: 6.8, EPSS: 0.09805
Exploits: 12, References: 8
Veracode
added 2017/09/04 7:7 a.m., 19 views

Session Fixation

SimpleSAML is vulnerable to session fixation attacks. This happens due to the incorrect conversion to an integer of individual bytes in both strings before an XOR operation in the secureCompare method in lib/SimpleSAML/Utils/Crypto.php...

CVSS: 9.8, AI score: 9.1, EPSS: 0.00764
Exploits: 0, References: 4, Affected Software: 1
OSV
added 2017/09/01 9:29 p.m., 0 views

UBUNTU-CVE-2017-12872

The (1) Htpasswd authentication source in the authcrypt module and (2) SimpleSAMLSession class in SimpleSAMLphp 1.14.11 and earlier allow remote attackers to conduct timing side-channel attacks by leveraging use of the standard comparison operator to compare secret material against user input...

CVSS: 5.9, AI score: 6.6, EPSS: 0.00404
Exploits: 0, References: 3
OSV
added 2017/09/01 9:29 p.m., 0 views

DEBIAN-CVE-2017-12872

The (1) Htpasswd authentication source in the authcrypt module and (2) SimpleSAMLSession class in SimpleSAMLphp 1.14.11 and earlier allow remote attackers to conduct timing side-channel attacks by leveraging use of the standard comparison operator to compare secret material against user input...

CVSS: 5.9, AI score: 9.6, EPSS: 0.00404
Exploits: 0, References: 1
Debian CVE
added 2017/09/01 1:0 p.m., 23 views

CVE-2017-12870

SimpleSAMLphp 1.14.12 and earlier make it easier for man-in-the-middle attackers to obtain sensitive information by leveraging use of the aesEncrypt and aesDecrypt methods in the SimpleSAML/Utils/Crypto class to protect session identifiers in replies to non-HTTPS service providers...

CVSS: 5.9, AI score: 5.4, EPSS: 0.0026
Exploits: 0