1115 matches found
CVE-2026-12283 SQL injection in Amazon Athena Synapse connector
Amazon Athena is a serverless, interactive query service that lets you analyze data directly in Amazon S3 using standard SQL. Athena Query Federation is a feature that allows you to connect to data sources outside of Amazon S3 like DynamoDB, Azure Synapse, and custom connectors using standard SQL...
CVE-2026-12283 SQL injection in Amazon Athena Synapse connector
Amazon Athena is a serverless, interactive query service that lets you analyze data directly in Amazon S3 using standard SQL. Athena Query Federation is a feature that allows you to connect to data sources outside of Amazon S3 like DynamoDB, Azure Synapse, and custom connectors using standard SQL...
The vulnerability of the Active Directory Federation Services (ADFS) for Windows operating systems allows a perpetrator to increase their privileges.
The vulnerability of the Active Directory Federation Services AD FS for Windows operating systems is related to deficiencies in access control mechanisms. Exploiting this vulnerability can allow attackers to increase their privileges...
Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for July 2026, which includes 622 vulnerabilities affecting a range of products, including 57 that Microsoft marked as "critical." Microsoft notes that two of the vulnerabilities disclosed this month have been exploited in the wild. CVE-2026-5615...
CVE-2026-58529
Out-of-bounds read in Active Directory Federation Services AD FS allows an authorized attacker to disclose information over a network...
CVE-2026-50411
Stack-based buffer overflow in Active Directory Federation Services AD FS allows an unauthorized attacker to deny service over a network...
CVE-2026-50368
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network...
CVE-2026-50355
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network...
CVE-2026-50324
Loop with unreachable exit condition 'infinite loop' in Active Directory Federation Services AD FS allows an unauthorized attacker to deny service over a network...
CVE-2026-50304
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network...
CVE-2026-56155
Insufficient granularity of access control in Active Directory Federation Services AD FS allows an authorized attacker to elevate privileges locally...
CVE-2026-54983
Stack-based buffer overflow in Active Directory Federation Services AD FS allows an unauthorized attacker to deny service over a network...
CVE-2026-50695
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network...
CVE-2026-58529 Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability
...
CVE-2026-58529
Summary (CVE-2026-58529): Out-of-bounds read in Active Directory Federation Services (AD FS) can disclose information over a network to an authorized attacker. The entry is supported by multiple connected sources (NVD/NCSC/CIRCL/NVDC/MSRC) confirming the vulnerability and its description. The CVS...
CVE-2026-50684 Active Directory Federation Server Spoofing Vulnerability
...
CVE-2026-50684
CVE-2026-50684 (AD FS spoofing) : The vulnerability is described as improper neutralization of input during web page generation (XSS) in Active Directory Federation Services, enabling an authorized attacker to perform spoofing over the network. The CVSS v3.1 base metrics indicate a Medium severit...
CVE-2026-50647
CVE-2026-50647: AD FS denial-of-service due to an infinite loop in AD FS. Public sources (NVD/EUVD/NCSC, CIRCL sighting, MSRC) confirm a network-exploitable condition causing service disruption; no exploitation details provided in the docs. Microsoft has released updates addressing the vulnerabil...
CVE-2026-50647 Active Directory Federation Server Denial of Service Vulnerability
...
CVE-2026-50647 Active Directory Federation Server Denial of Service Vulnerability
...