46 matches found
CVE-2026-12249
An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active Directory Certificate Services AD CS certificate auto-enrollment via the vendored Samba client script internal/policies/certificate/python/vendorsamba/gp/gpcertautoenrollext.py, ADSys utilizes a plaintext...
EUVD-2011-1272
Malware in sbrugna...
EUVD-2025-14469
Malicious code in bioql PyPI...
CVE-2025-29968 Active Directory Certificate Services (AD CS) Denial of Service Vulnerability
...
Active Directory Certificate Services (AD CS) Denial of Service Vulnerability
Improper input validation in Active Directory Certificate Services AD CS allows an authorized attacker to deny service over a network...
PT-2025-20971 · Microsoft · Active Directory Certificate Services +1
Name of the Vulnerable Software and Affected Versions: Active Directory Certificate Services AD CS affected versions not specified Description: The issue is related to improper input validation, which allows an authorized attacker to deny service over a network. This can affect the system, leadin...
The vulnerability of Active Directory Certificate Services on Windows operating systems allows attackers to increase their privileges.
The vulnerability of Active Directory Certificate Services on Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to gain increased privileges remotely...
Microsoft Active Directory Certificate Services 安全漏洞
Microsoft Active Directory Certificate Services is a Windows Server role from Microsoft Corporation USA that issues and manages Public Key Infrastructure PKI certificates used in secure communications and authentication protocols. A security vulnerability exists in Microsoft Active Directory...
Microsoft Patch Tuesday, November 2024 Edition
Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November's patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed...
Microsoft and Adobe Patch Tuesday, November 2024 Security Update Review
Microsoft has released its November 2024 Patch Tuesday updates, targeting various vulnerabilities that could impact users and organizations worldwide. From zero-day threats to key product patches, here’s what’s crucial to apply this month. Here’s a breakdown of the updates and how they impact you...
Active Directory Certificate Services Elevation of Privilege Vulnerability
...
KLA77106 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code...
Security Flaw in Styra's OPA Exposes NTLM Hashes to Remote Attackers
Details have emerged about a now-patched security flaw in Styra's Open Policy Agent OPA that, if successfully exploited, could have led to leakage of New Technology LAN Manager NTLM hashes. "The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server's local us...
Active Directory Certificate Services (ADCS) Privilege Escalation (Certifried)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Active Directory Certificate Services ADCS privilege escalation Certifried', 'Description' = %q This module exploits a privilege escalation...
CVE-2023-35351
Windows Active Directory Certificate Services AD CS Remote Code Execution Vulnerability...
PT-2023-3910 · Microsoft · Windows Active Directory Certificate Services +1
Name of the Vulnerable Software and Affected Versions: Windows Active Directory Certificate Services AD CS affected versions not specified Description: The issue is related to insufficient input validation in Windows Active Directory Certificate Services AD CS, which can be exploited by a remote...
Metasploit Weekly Wrap-Up
Rocket Software UniRPC Exploits Ron Bowes submitted two exploit modules for vulnerabilities he discovered in the UniRPC server for Rocket Software’s UniData product. The first exploit module, exploit/linux/misc/unidataudadminauthbypass exploits an authentication bypass to ultimately gain remote...
Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs
Microsoft's Patch Tuesday update for the month of October has addressed a total of 85 security vulnerabilities, including fixes for an actively exploited zero-day flaw in the wild. Of the 85 bugs, 15 are rated Critical, 69 are rated Important, and one is rated Moderate in severity. The update,...
Microsoft Windows Multiple Vulnerabilities (KB5018411)
This host is missing an important security update according to Microsoft KB5018411 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Microsoft Windows Multiple Vulnerabilities (KB5018419)
This host is missing an important security update according to Microsoft KB5018419 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...