Lucene search
K

5 matches found

NVD
NVD
added 2024/06/26 5:15 a.m.22 views

CVE-2024-34580

Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing XMLDsig specification without protection against an SSRF payload in a KeyInfo element. NOTE: the project disputes this CVE Record on the grounds that any vulnerabilities are the result of a failure to...

5.3CVSS0.00206EPSS
Exploits0References6
OSV
OSV
added 2024/06/26 5:15 a.m.31 views

CVE-2024-34580

Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing XMLDsig specification without protection against an SSRF payload in a KeyInfo element. NOTE: the project disputes this CVE Record on the grounds that any vulnerabilities are the result of a failure to...

8.2CVSS7.7AI score0.99999EPSS
Exploits5References7
Check Point Advisories
Check Point Advisories
added 2015/03/26 12:0 a.m.6 views

Microsoft XML Signature HMAC Truncation Bypass (MS10-041) - Ver2 (CVE-2009-0217)

The Microsoft .NET Framework is a component of the Microsoft Windows operating system that enables building and running software applications and Web services. A tampering vulnerability exists in the Microsoft .NET Framework that could allow an attacker to tamper with signed XML content without...

5CVSS1.8AI score0.06348EPSS
Exploits0
OpenVAS
OpenVAS
added 2010/06/09 12:0 a.m.248 views

Microsoft .NET Framework XML HMAC Truncation Vulnerability (981343)

This host is missing a critical security update according to Microsoft Bulletin MS10-041. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5CVSS7.5AI score0.06348EPSS
Exploits0References3
CERT
CERT
added 2009/07/14 12:0 a.m.53 views

XML signature HMAC truncation authentication bypass

Overview The XML Signature specification allows for HMAC truncation, which may allow a remote attacker to bypass authentication. Description XML Signature Syntax and Processing XMLDsig is a W3C recommendation for providing integrity, message authentication, and/or signer authentication services f...

5CVSS7.1AI score0.06348EPSS
Exploits0References16
Rows per page
Query Builder