Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openid openid - vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2020-5300
In Hydra (an OAuth2 Server and OpenID Certified™ OpenID Connect Provider written in Go), before version 1.4.0+oryOS.17, when using client authentication method 'private_key_jwt' [1], OpenId specification says the following about assertion `jti`: "A unique ide...
Ory Hydra
9.8
CVSSv3
CVE-2019-11066
openid.php in LightOpenID up to and including 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method.
Lightopenid Project Lightopenid
9.8
CVSSv3
CVE-2014-2048
The user_openid app in ownCloud Server prior to 5.0.15 allows remote malicious users to obtain access by leveraging an insecure OpenID implementation.
Owncloud Owncloud
NA
CVE-2012-6359
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 prior to 6.2.0.11, 6.2.1 prior to 6.2.1.3, and 6.2.2 prior to 6.2.2.2 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 prior to 6.2.0.11, 6.2.1 prior to 6.2.1.3, and 6.2.2 prior to 6.2.2.2 do not check whethe...
Ibm Tivoli Federated Identity Manager 6.2.0.2
Ibm Tivoli Federated Identity Manager 6.2.0
Ibm Tivoli Federated Identity Manager 6.2.0.9
Ibm Tivoli Federated Identity Manager 6.2.0.1
Ibm Tivoli Federated Identity Manager 6.2.0.3
Ibm Tivoli Federated Identity Manager 6.2.0.8
Ibm Tivoli Federated Identity Manager 6.2.0.10
Ibm Tivoli Federated Identity Manager 6.2.1.2
Ibm Tivoli Federated Identity Manager 6.2.1.1
Ibm Tivoli Federated Identity Manager 6.2.1
Ibm Tivoli Federated Identity Manager 6.2.2
Ibm Tivoli Federated Identity Manager Business Gateway 6.2.0
Ibm Tivoli Federated Identity Manager Business Gateway 6.2.0.1
Ibm Tivoli Federated Identity Manager Business Gateway 6.2.0.9
Ibm Tivoli Federated Identity Manager Business Gateway 6.2.0.3
Ibm Tivoli Federated Identity Manager Business Gateway 6.2.0.10
Ibm Tivoli Federated Identity Manager Business Gateway 6.2.0.8
Ibm Tivoli Federated Identity Manager Business Gateway 6.2.0.2
Ibm Tivoli Federated Identity Manager Business Gateway 6.2.1
Ibm Tivoli Federated Identity Manager Business Gateway 6.2.2
9.8
CVSSv3
CVE-2021-45786
In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid" parameters to gain privileges.
Maccms Maccms 10.0
8.8
CVSSv3
CVE-2023-50714
yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the `authCodeVerifier` should be removed after usage ...
Yiiframework Yii2-authclient
5.9
CVSSv3
CVE-2021-32791
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, the AES GCM encryption in mod_auth_openi...
Openidc Mod Auth Openidc
Fedoraproject Fedora 33
Fedoraproject Fedora 34
NA
CVE-2014-2681
Zend Framework 1 (ZF1) prior to 1.12.4, Zend Framework 2 prior to 2.1.6 and 2.2.x prior to 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure prior to 2.0.2, ZendService_Amazo...
Zend Zendrest
Zend Zend Framework
Zend Zendservice Slideshare
Zend Zendservice Api
Zend Zendservice Audioscrobbler
Zend Zendservice Amazon
Zend Zendservice Technorati
Zend Zendservice Windowsazure
Zend Zendopenid
Zend Zendservice Nirvanix
NA
CVE-2014-2682
Zend Framework 1 (ZF1) prior to 1.12.4, Zend Framework 2 prior to 2.1.6 and 2.2.x prior to 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure prior to 2.0.2, ZendService_Amazo...
Zend Zendrest
Zend Zend Framework
Zend Zendservice Slideshare
Zend Zendservice Api
Zend Zendservice Audioscrobbler
Zend Zendservice Amazon
Zend Zendservice Technorati
Zend Zendservice Windowsazure
Zend Zendopenid
Zend Zendservice Nirvanix
NA
CVE-2014-2683
Zend Framework 1 (ZF1) prior to 1.12.4, Zend Framework 2 prior to 2.1.6 and 2.2.x prior to 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure prior to 2.0.2, ZendService_Amazo...
Zend Zendrest
Zend Zend Framework
Zend Zendservice Slideshare
Zend Zendservice Api
Zend Zendservice Audioscrobbler
Zend Zendservice Amazon
Zend Zendservice Technorati
Zend Zendservice Windowsazure
Zend Zendopenid
Zend Zendservice Nirvanix
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »