Lucene search
+L

4263 matches found

Nuclei
Nuclei
added yesterday116 views

SecurEnvoy Two Factor Authentication - LDAP Injection

Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...

9.8CVSS5.4AI score0.03304EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 3 days ago13 views

PT-2026-60486

Name of the Vulnerable Software and Affected Versions Microsoft Office 365 Integration plugin versions prior to 4.5.6 Microsoft Office 365 Integration plugin versions prior to 5.0.5 Microsoft Office 365 Integration plugin versions prior to 5.1.1 Description The Microsoft Office 365 Integration...

9.3CVSS5.3AI score0.00915EPSS
Exploits0References11
OSV
OSV
added 4 days ago8 views

BIT-PROMETHEUS-2026-42151 Prometheus Azure AD remote write OAuth client secret exposed via config API

Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the clientsecret field in the Azure AD remote write OAuth configuration storage/remote/azuread was typed as string instead of Secret. Prometheus redacts fields of type Secret when serving...

7.5CVSS5.8AI score0.00326EPSS
Exploits0References20
BDU FSTEC
BDU FSTEC
added 4 days ago11 views

The vulnerability of the Active Directory Federation Services (ADFS) for Windows operating systems allows a perpetrator to increase their privileges.

The vulnerability of the Active Directory Federation Services AD FS for Windows operating systems is related to deficiencies in access control mechanisms. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS6.2AI score0.00379EPSS
Exploits0References4Affected Software13
Talos Blog
Talos Blog
added 5 days ago7 views

Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for July 2026, which includes 622 vulnerabilities affecting a range of products, including 57 that Microsoft marked as "critical." Microsoft notes that two of the vulnerabilities disclosed this month have been exploited in the wild. CVE-2026-5615...

9.9CVSS7.6AI score0.20346EPSS
Exploits1
NVD
NVD
added 5 days ago7 views

CVE-2026-58529

Out-of-bounds read in Active Directory Federation Services AD FS allows an authorized attacker to disclose information over a network...

7.1CVSS0.00948EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-54121

Improper authorization in Active Directory Certificate Services AD CS allows an authorized attacker to elevate privileges over a network...

8.8CVSS0.00802EPSS
Exploits0References1
NVD
NVD
added 5 days ago3 views

CVE-2026-54115

Integer overflow or wraparound in Windows Active Directory allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00318EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-50647

Loop with unreachable exit condition 'infinite loop' in Active Directory Federation Services AD FS allows an unauthorized attacker to deny service over a network...

7.5CVSS0.01098EPSS
Exploits0References1
NVD
NVD
added 5 days ago3 views

CVE-2026-50411

Stack-based buffer overflow in Active Directory Federation Services AD FS allows an unauthorized attacker to deny service over a network...

7.5CVSS0.00797EPSS
Exploits0References1
NVD
NVD
added 5 days ago5 views

CVE-2026-50366

Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network...

6.5CVSS0.00755EPSS
Exploits0References1
NVD
NVD
added 5 days ago3 views

CVE-2026-50368

Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network...

7.5CVSS0.00797EPSS
Exploits0References1
NVD
NVD
added 5 days ago5 views

CVE-2026-50324

Loop with unreachable exit condition 'infinite loop' in Active Directory Federation Services AD FS allows an unauthorized attacker to deny service over a network...

5.9CVSS0.00782EPSS
Exploits0References1
NVD
NVD
added 5 days ago3 views

CVE-2026-50304

Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network...

7.5CVSS0.01074EPSS
Exploits0References1
NVD
NVD
added 5 days ago8 views

CVE-2026-57976

Null pointer dereference in Active Directory Domain Services allows an authorized attacker to deny service over a network...

6.5CVSS0.00755EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-56155

Insufficient granularity of access control in Active Directory Federation Services AD FS allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00379EPSS
Exploits0References2
NVD
NVD
added 5 days ago4 views

CVE-2026-55001

Improper certificate validation in Windows Active Directory allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00219EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-54983

Stack-based buffer overflow in Active Directory Federation Services AD FS allows an unauthorized attacker to deny service over a network...

7.5CVSS0.00797EPSS
Exploits0References1
NVD
NVD
added 5 days ago5 views

CVE-2026-54119

Loop with unreachable exit condition 'infinite loop' in Windows Active Directory allows an unauthorized attacker to deny service over a network...

7.5CVSS0.00816EPSS
Exploits0References1
NVD
NVD
added 5 days ago5 views

CVE-2026-50652

Deserialization of untrusted data in Azure Active Directory allows an unauthorized attacker to deny service over a network...

7.5CVSS0.01174EPSS
Exploits0References1
Rows per page
Query Builder