Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opensso vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-3763
Unspecified vulnerability in the Access Manager / OpenSSO component in Oracle OpenSSO Enterprise 7.1, 7, 2005Q4, and 8.0 allows remote malicious users to affect integrity via unknown vectors.
Oracle Opensso Enterprise 7.0
Oracle Opensso Enterprise 8.0
Oracle Opensso Enterprise 7.1
4.3
CVSSv2
CVE-2012-0079
Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote malicious users to affect integrity via unknown vectors related to Administration.
Oracle Opensso 7.1
Oracle Opensso 8.0
6.8
CVSSv2
CVE-2010-4444
Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors.
Sun Java System Access Manager
Oracle Opensso 7.1
Oracle Opensso 7
Oracle Opensso 8
4.3
CVSSv2
CVE-2014-7293
Cross-site scripting (XSS) vulnerability in the logon page in NYU OpenSSO Integration 2.1 and previous versions for Ex Libris Patron Directory Services (PDS) allows remote malicious users to inject arbitrary web script or HTML via the url parameter.
Nyu Opensso Integration
5.8
CVSSv2
CVE-2014-7294
Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and previous versions for Ex Libris Patron Directory Services (PDS) allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
Nyu Opensso Integration
4.3
CVSSv2
CVE-2009-3764
Unspecified vulnerability in the OpenSSO component in Oracle OpenSSO Enterprise 8.0 allows remote malicious users to affect integrity via unknown vectors.
Oracle Opensso Enterprise 8.0
4.3
CVSSv2
CVE-2009-3762
Unspecified vulnerability in Oracle OpenSSO Enterprise 8.0 allows remote malicious users to affect integrity via unknown vectors.
Oracle Opensso Enterprise 8.0
5.8
CVSSv2
CVE-2010-0894
Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suite 7.1, 7 2005Q4, and OpenSSO Enterprise 8.0 allows remote malicious users to affect confidentiality and integrity via unknown vectors.
Oracle Sun Products Suite 7.1
Oracle Sun Products Suite 7.0
Oracle Opensso Enterprise 8.0
2.1
CVSSv2
CVE-2009-2712
Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
Sun Opensso Enterprise 8.0
4.3
CVSSv2
CVE-2013-1620
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote malicious users to conduct distinguishing attacks and...
Mozilla Network Security Services
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Oracle Glassfish Server 2.1.1
Oracle Iplanet Web Proxy Server 4.0
Oracle Traffic Director 11.1.1.7.0
Oracle Iplanet Web Server 7.0
Oracle Vm Server 3.2
Oracle Glassfish Communications Server 2.0
Oracle Enterprise Manager Ops Center 12.1
Oracle Enterprise Manager Ops Center 12.2
Oracle Iplanet Web Server 6.1
Oracle Enterprise Manager Ops Center 11.1
Oracle Opensso 3.0-03
Oracle Traffic Director 11.1.1.6.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »