Lucene search
K

134 matches found

Talos Blog
Talos Blog
added yesterday4 views

Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for July 2026, which includes 622 vulnerabilities affecting a range of products, including 57 that Microsoft marked as "critical." Microsoft notes that two of the vulnerabilities disclosed this month have been exploited in the wild. CVE-2026-5615...

9.9CVSS6.8AI score
Exploits0
EUVD
EUVD
added 2025/10/14 6:30 p.m.8 views

EUVD-2025-34371

Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally...

6.2CVSS8.8AI score0.0055EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/10/14 2:0 p.m.6 views

Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability

Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally...

6.2CVSS6.5AI score0.0055EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-9838

Malware in sbrugna...

5.4CVSS5.4AI score0.01548EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-11948

Malware in sbrugna...

6.1CVSS6.5AI score0.01784EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-8594

Malware in sbrugna...

8.6CVSS8.8AI score0.08026EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-1710

Malware in sbrugna...

6.8CVSS7.2AI score0.01821EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-7860

Malware in sbrugna...

7.8CVSS7.5AI score0.00399EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-0410

Malware in sbrugna...

5.3CVSS6.3AI score0.02059EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 4:6 p.m.7 views

CVE-2020-1055

A cross-site-scripting XSS vulnerability exists when Active Directory Federation Services ADFS does not properly sanitize user inputs, aka 'Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability'...

6.1CVSS5.8AI score0.01784EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:14 a.m.7 views

CVE-2019-1273

A cross-site-scripting XSS vulnerability exists when Active Directory Federation Services ADFS does not properly sanitize certain error messages, aka 'Active Directory Federation Services XSS Vulnerability'...

5.4CVSS5.5AI score0.01548EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/02/29 3:21 p.m.47 views

New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems

Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML "enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/03 12:0 a.m.19 views

ADFS Relying Party Trusts Disclosure

Microsoft Active Directory Federation Services ADFS is a very popular Single Sign On SSO feature offering identity federation to organizations. An ADFS server can be configured to show a login page to connect to corporate applications directly from this Identity Provider IdP. When enabled, this w...

7.1AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/07/17 12:0 a.m.7 views

The vulnerability of the Active Directory Federation Services (ADFS) for Windows operating systems allows a perpetrator to circumvent security restrictions.

The vulnerability of the Active Directory Federation Services AD FS for Windows operating systems is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions remotely...

6.8CVSS6.8AI score0.01168EPSS
Exploits0References3
Prion
Prion
added 2023/07/11 6:15 p.m.34 views

Security feature bypass

Active Directory Federation Service Security Feature Bypass Vulnerability...

4CVSS6.5AI score0.01034EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2023/05/09 7:0 a.m.192 views

May 9, 2023—KB5026370 (OS Build 20348.1726)

None None...

9.8CVSS6.8AI score0.94683EPSS
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/02/08 5:0 p.m.18 views

Solving one of NOBELIUM’s most novel attacks: Cyberattack Series

Our story begins with eight Microsoft Detection and Response Team DART analysts gathered around a customer’s conference room to solve a cybersecurity mystery. Joined by members of the customer’s cybersecurity team, they were there to figure out how a Russia-based nation-state hacking group known ...

0.5AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/07/12 11:15 p.m.1 views

CVE-2022-30215

Active Directory Federation Services Elevation of Privilege Vulnerability...

8.5CVSS7.1AI score0.01693EPSS
Exploits0References3Affected Software6
Prion
Prion
added 2022/07/12 11:15 p.m.27 views

Privilege escalation

Active Directory Federation Services Elevation of Privilege Vulnerability...

8.5CVSS7.6AI score0.01693EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/05/26 8:15 p.m.5 views

CVE-2022-30584

Archer Platform 6.3 before 6.11 6.11.0.0 contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the affected system. 6.10 P3 6.10.0.3 and 6.9 SP3 P4 6.9.3.4 are also fixed releases...

8.8CVSS5.8AI score0.00921EPSS
Exploits0References2
Rows per page
Query Builder