Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
identitymodel vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-36255
An issue exists in IdentityModel (aka ScottBrady.IdentityModel) prior to 1.3.0. The Branca implementation allows an malicious user to modify and forge authentication tokens.
Identitymodel Project Identitymodel
8.8
CVSSv3
CVE-2024-21643
IdentityModel Extensions for .NET provide assemblies for web developers that wish to use federated identity providers for establishing the caller's identity. Anyone leveraging the `SignedHttpRequest`protocol or the `SignedHttpRequestValidator`is vulnerable. Microsoft.Identit...
Microsoft Identitymodel Extensions
7.5
CVSSv3
CVE-2019-1006
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows 10 1903
Microsoft Windows Server 2008 -
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Foundation 2013
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 1607
Microsoft Windows 10 1709
Microsoft Windows Server 2008 R2
1 Github repository
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started