Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
single sign-on vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-37945
A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 up to and including 2.3.0 (both inclusive) allows attackers with Overall/Read permission to download a string representation of the current security realm.
Jenkins Saml Single Sign On
NA
CVE-2022-4361
Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an malicious user to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redir...
Redhat Keycloak
Redhat Single Sign-on
Redhat Single Sign-on -
Redhat Openshift Container Platform 4.11
Redhat Openshift Container Platform 4.12
Redhat Openshift Container Platform For Ibm Linuxone 4.9
Redhat Openshift Container Platform For Ibm Linuxone 4.10
Redhat Openshift Container Platform For Power 4.9
Redhat Openshift Container Platform For Power 4.10
NA
CVE-2023-33201
Bouncy Castle For Java prior to 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the cert...
Bouncycastle Bc-java
NA
CVE-2023-3138
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array in...
X.org Libx11
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
1 Github repository
NA
CVE-2023-28857
Apereo CAS is an open source multilingual single sign-on solution for the web. Apereo CAS can be configured to use authentication based on client X509 certificates. These certificates can be provided via TLS handshake or a special HTTP header, such as “ssl_client_cert&rdquo...
Apereo Central Authentication Service
NA
CVE-2023-32360
An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents.
Apple Macos
NA
CVE-2023-34241
OpenPrinting CUPS is a standards-based, open source printing system for Linux and other Unix-like operating systems. Starting in version 2.0.0 and prior to version 2.4.6, CUPS logs data of free memory to the logging service AFTER the connection has been closed, when it should hav...
Openprinting Cups
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 10.0
Apple Macos
NA
CVE-2023-34923
XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk user via SAML Response manipulation.
Topdesk Topdesk 12.10.12
NA
CVE-2023-34232
snowflake-connector-nodejs, a NodeJS driver for Snowflake, is vulnerable to command injection via single sign on (SSO) browser URL authentication in versions before 1.6.21. In order to exploit the potential for command injection, an attacker would need to be successful in (1) est...
Snowflake Snowflake Connector
NA
CVE-2023-34233
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Versions before 3.0.2 are vulnerable to command injection via single sign-on(SSO) browser URL authentication. In order to...
Snowflake Snowflake Connector
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »