Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openid openid - vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2014-2682
Zend Framework 1 (ZF1) prior to 1.12.4, Zend Framework 2 prior to 2.1.6 and 2.2.x prior to 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure prior to 2.0.2, ZendService_Amazo...
Zend Zendrest
Zend Zend Framework
Zend Zendservice Slideshare
Zend Zendservice Api
Zend Zendservice Audioscrobbler
Zend Zendservice Amazon
Zend Zendservice Technorati
Zend Zendservice Windowsazure
Zend Zendopenid
Zend Zendservice Nirvanix
445
VMScore
CVE-2014-2683
Zend Framework 1 (ZF1) prior to 1.12.4, Zend Framework 2 prior to 2.1.6 and 2.2.x prior to 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_SlideShare, ZendService_Technorati, and ZendService_WindowsAzure prior to 2.0.2, ZendService_Amazo...
Zend Zendrest
Zend Zend Framework
Zend Zendservice Slideshare
Zend Zendservice Api
Zend Zendservice Audioscrobbler
Zend Zendservice Amazon
Zend Zendservice Technorati
Zend Zendservice Windowsazure
Zend Zendopenid
Zend Zendservice Nirvanix
445
VMScore
CVE-2017-6062
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module prior to 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "OIDCUnAuthAction pass" configuration, which allows remote mali...
Openidc Mod Auth Openidc
445
VMScore
CVE-2015-6926
The OpenID Single Sign-On authentication functionality in OXID eShop prior to 4.5.0 allows remote malicious users to impersonate users via the email address in a crafted authentication token.
Oxid-esales Eshop
516
VMScore
CVE-2020-15222
In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.31.0, when using "private_key_jwt" authentication the uniqueness of the `jti` value is not checked. When using client authentication method "private_key_jwt", Open...
Ory Fosite
445
VMScore
CVE-2021-44878
If an OpenID Connect provider supports the "none" algorithm (i.e., tokens with no signature), pac4j v5.3.0 (and prior) does not refuse it without an explicit configuration on its side or for the "idtoken" response type which is not secure and violates the Open...
Pac4j Pac4j
668
VMScore
CVE-2019-4155
IBM API Connect's Developer Portal 2018.1 and 2018.4.1.3 is impacted by a privilege escalation vulnerability when integrated with an OpenID Connect (OIDC) user registry. IBM X-Force ID: 158544.
Ibm Api Connect
605
VMScore
CVE-2014-5267
modules/openid/xrds.inc in Drupal 6.x prior to 6.33 and 7.x prior to 7.31 allows remote malicious users to have unspecified impact via a crafted DOCTYPE declaration in an XRDS document.
Drupal Drupal 7.0
Drupal Drupal 6.0
Drupal Drupal 7.16
Drupal Drupal 7.21
Drupal Drupal 6.2
Drupal Drupal 7.18
Drupal Drupal 7.15
Drupal Drupal 6.14
Drupal Drupal 6.24
Drupal Drupal 6.13
Drupal Drupal 6.25
Drupal Drupal 6.18
Drupal Drupal 7.3
Drupal Drupal 6.12
Drupal Drupal 6.32
Drupal Drupal 7.17
Drupal Drupal 7.8
Drupal Drupal 7.13
Drupal Drupal 7.20
Drupal Drupal 6.4
Drupal Drupal 7.5
Drupal Drupal 6.11
NA
CVE-2023-32074
user_oidc app is an OpenID Connect user backend for Nextcloud. Authentication can be broken/bypassed in user_oidc app. It is recommended that the Nextcloud user_oidc app is upgraded to 1.3.2
Nextcloud User Oidc
445
VMScore
CVE-2008-7299
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 prior to 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Issuer field.
Ibm Tivoli Federated Identity Manager 6.2.0
Ibm Tivoli Federated Identity Manager 6.2.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »