Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-10551

Malicious code in bioql PyPI...

4.7CVSS6.4AI score0.00084EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/05/14 12:0 a.m.6 views

Vulnerability of the Microsoft.Identity.Abstractions component in the Microsoft Identity Web library, which allows a perpetrator to gain unauthorized access to protected information

The vulnerability of the Microsoft.Identity.Abstractions component in the Microsoft Identity Web library is related to the disclosure of information through registration files. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected information...

4.7CVSS5.4AI score0.00084EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/11 4:3 p.m.16 views

CVE-2025-32016

Microsoft Identity Web is a library which contains a set of reusable classes used in conjunction with ASP.NET Core for integrating with the Microsoft identity platform formerly Azure AD v2.0 endpoint and AAD B2C. This vulnerability affects confidential client applications, including daemons, web...

4.7CVSS6.5AI score0.00084EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/04/09 6:58 p.m.17 views

Microsoft Identity Web Exposes Client Secrets and Certificate Information in Service Logs

Impact What kind of vulnerability is it? Who is impacted? Description: This vulnerability affects confidential client applications, including daemons, web apps, and web APIs. Under specific circumstances, sensitive information such as client secrets or certificate details may be exposed in the...

4.7CVSS6.6AI score0.00084EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2025/04/09 4:15 p.m.10 views

CVE-2025-32016

Microsoft Identity Web is a library which contains a set of reusable classes used in conjunction with ASP.NET Core for integrating with the Microsoft identity platform formerly Azure AD v2.0 endpoint and AAD B2C. This vulnerability affects confidential client applications, including daemons, web...

4.7CVSS0.00084EPSS
Exploits0References1
OSV
OSV
added 2025/04/09 3:48 p.m.7 views

CVE-2025-32016 Microsoft Identity Web Exposes Client Secrets and Certificate Information in Service Logs

Microsoft Identity Web is a library which contains a set of reusable classes used in conjunction with ASP.NET Core for integrating with the Microsoft identity platform formerly Azure AD v2.0 endpoint and AAD B2C. This vulnerability affects confidential client applications, including daemons, web...

4.7CVSS6.5AI score0.00084EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/09 3:48 p.m.7 views

CVE-2025-32016 Microsoft Identity Web Exposes Client Secrets and Certificate Information in Service Logs

Microsoft Identity Web is a library which contains a set of reusable classes used in conjunction with ASP.NET Core for integrating with the Microsoft identity platform formerly Azure AD v2.0 endpoint and AAD B2C. This vulnerability affects confidential client applications, including daemons, web...

4.7CVSS6.5AI score0.00084EPSS
Exploits0References1
CVE
CVE
added 2025/04/09 3:48 p.m.71 views

CVE-2025-32016

This CVE affects Microsoft Identity Web (and related Microsoft.Identity.Abstractions) used with ASP.NET Core for Azure AD v2.0 / AAD B2C integrations. Under certain conditions, service logs can expose sensitive credentials, including local file paths with passwords, Base64-encoded values, and Cli...

4.7CVSS4.7AI score0.00084EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/09 3:48 p.m.15 views

CVE-2025-32016 Microsoft Identity Web Exposes Client Secrets and Certificate Information in Service Logs

Microsoft Identity Web is a library which contains a set of reusable classes used in conjunction with ASP.NET Core for integrating with the Microsoft identity platform formerly Azure AD v2.0 endpoint and AAD B2C. This vulnerability affects confidential client applications, including daemons, web...

4.7CVSS0.00084EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/09 12:0 a.m.6 views

PT-2025-15702 · Microsoft · Microsoft.Identity.Abstractions +1

Name of the Vulnerable Software and Affected Versions: Microsoft Identity Web versions prior to 3.8.2 Microsoft Identity Web versions prior to 3.8.2 is equivalent to Microsoft.Identity.Abstractions versions prior to 9.0.0, however the correct representation is: Microsoft Identity Web versions pri...

4.7CVSS6AI score0.00084EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/04/09 12:0 a.m.4 views

Microsoft Identity Web 日志信息泄露漏洞

Microsoft Identity Web is an Azure Active Directory open source to help create protected web applications and web APIs using the Microsoft Identity Platform and Azure AD B2C. A log information disclosure vulnerability exists in Microsoft Identity Web, which stems from the fact that sensitive...

4.7CVSS5.8AI score0.00084EPSS
Exploits0References1
Rows per page
Query Builder