Lucene search
K

9 matches found

EUVD
EUVD
added 2026/05/22 10:4 p.m.9 views

EUVD-2026-31522

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.8AI score0.00301EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2026/05/07 4:0 p.m.11 views

World Passkey Day: Advancing passwordless authentication

World Passkey Day is a chance to reflect on progress toward a shared goal: reducing our reliance on passwords and other phishable authentication methods by accelerating passkey adoption. As cyberattacks become more automated and AI-powered, each account is only as secure as its weakest credential...

5.9AI score
Exploits0
Cvelist
Cvelist
added 2026/04/29 1:31 p.m.37 views

CVE-2026-42525

Jenkins Microsoft Entra ID previously Azure AD Plugin 666.v6060de32f87d and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks...

0.00212EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.7 views

PT-2026-35919

Name of the Vulnerable Software and Affected Versions Jenkins Microsoft Entra ID previously Azure AD Plugin versions prior to 666.v6060de32f87d Description The plugin does not restrict the redirect URL after login, which allows attackers to perform phishing attacks. Recommendations Update the...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/04/23 9:37 p.m.3 views

CVE-2026-35431 Microsoft Entra ID Entitlement Management Spoofing Vulnerability

...

10CVSS5.1AI score0.00511EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/04/23 2:0 p.m.10 views

Microsoft Entra ID Entitlement Management Spoofing Vulnerability

Server-side request forgery ssrf in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network...

10CVSS5.8AI score0.00511EPSS
Exploits0
EUVD
EUVD
added 2026/02/04 8:26 p.m.7 views

EUVD-2026-5338

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Microsoft Entra ID SSO Login allows Privilege Escalation.This issue affects Microsoft Entra ID SSO Login: from 0.0.0 before 1.0.4...

6.5CVSS5.3AI score0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/09 12:0 a.m.4 views

Microsoft Entra ID 访问控制错误漏洞

Microsoft Entra ID is a cloud-based identity and management solution from Microsoft Corporation USA. An access control error vulnerability exists in Microsoft Entra ID that stems from an elevation of privilege vulnerability...

9.6CVSS8.9AI score0.00601EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2023/12/12 6:0 p.m.29 views

Threat actors misuse OAuth applications to automate financially driven attacks

Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. OAuth is an open standard for token-based authentication and authorization that enables applications to get access to data and resources based on permissions set by a user. Threat actors compromi...

7AI score
Exploits0
Rows per page
Query Builder