Lucene search
K

46 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/22 3:43 p.m.4 views

CVE-2026-12249

An issue was discovered in Canonical ADSys upstream versions through v0.16.2. During Active Directory Certificate Services AD CS certificate auto-enrollment via the vendored Samba client script internal/policies/certificate/python/vendorsamba/gp/gpcertautoenrollext.py, ADSys utilizes a plaintext...

9.5CVSS6AI score0.00111EPSS
Exploits0References3Affected Software5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-1272

Malware in sbrugna...

4.3CVSS6.2AI score0.0515EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-14469

Malicious code in bioql PyPI...

6.5CVSS8.5AI score0.01624EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/13 4:58 p.m.10 views

CVE-2025-29968 Active Directory Certificate Services (AD CS) Denial of Service Vulnerability

...

6.5CVSS6.6AI score0.01624EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/05/13 7:0 a.m.16 views

Active Directory Certificate Services (AD CS) Denial of Service Vulnerability

Improper input validation in Active Directory Certificate Services AD CS allows an authorized attacker to deny service over a network...

6.5CVSS6.9AI score0.01624EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.4 views

PT-2025-20971 · Microsoft · Active Directory Certificate Services +1

Name of the Vulnerable Software and Affected Versions: Active Directory Certificate Services AD CS affected versions not specified Description: The issue is related to improper input validation, which allows an authorized attacker to deny service over a network. This can affect the system, leadin...

6.8CVSS8.9AI score0.01624EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2025/04/10 12:0 a.m.10 views

The vulnerability of Active Directory Certificate Services on Windows operating systems allows attackers to increase their privileges.

The vulnerability of Active Directory Certificate Services on Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to gain increased privileges remotely...

9CVSS7.5AI score0.03244EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.6 views

Microsoft Active Directory Certificate Services 安全漏洞

Microsoft Active Directory Certificate Services is a Windows Server role from Microsoft Corporation USA that issues and manages Public Key Infrastructure PKI certificates used in secure communications and authentication protocols. A security vulnerability exists in Microsoft Active Directory...

8.8CVSS8.4AI score0.03244EPSS
Exploits0References2
Krebs on Security
Krebs on Security
added 2024/11/12 9:59 p.m.44 views

Microsoft Patch Tuesday, November 2024 Edition

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November's patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed...

9.8CVSS9AI score0.81817EPSS
Exploits2
Qualys Blog
Qualys Blog
added 2024/11/12 7:59 p.m.38 views

Microsoft and Adobe Patch Tuesday, November 2024 Security Update Review

Microsoft has released its November 2024 Patch Tuesday updates, targeting various vulnerabilities that could impact users and organizations worldwide. From zero-day threats to key product patches, here’s what’s crucial to apply this month. Here’s a breakdown of the updates and how they impact you...

9.8CVSS9.2AI score0.81817EPSS
Exploits3
Microsoft CVE
Microsoft CVE
added 2024/11/12 8:0 a.m.18 views

Active Directory Certificate Services Elevation of Privilege Vulnerability

...

7.8CVSS7.3AI score0.01965EPSS
Exploits1
Kaspersky
Kaspersky
added 2024/11/12 12:0 a.m.51 views

KLA77106 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code...

9.8CVSS9.6AI score0.81817EPSS
Exploits1References40
The Hacker News
The Hacker News
added 2024/10/22 2:12 p.m.24 views

Security Flaw in Styra's OPA Exposes NTLM Hashes to Remote Attackers

Details have emerged about a now-patched security flaw in Styra's Open Policy Agent OPA that, if successfully exploited, could have led to leakage of New Technology LAN Manager NTLM hashes. "The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server's local us...

8.8CVSS7.4AI score0.11709EPSS
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.463 views

Active Directory Certificate Services (ADCS) Privilege Escalation (Certifried)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Active Directory Certificate Services ADCS privilege escalation Certifried', 'Description' = %q This module exploits a privilege escalation...

9CVSS7AI score0.83277EPSS
Exploits8
NVD
NVD
added 2023/07/11 6:15 p.m.17 views

CVE-2023-35351

Windows Active Directory Certificate Services AD CS Remote Code Execution Vulnerability...

6.6CVSS8.1AI score0.00698EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/07/11 12:0 a.m.3 views

PT-2023-3910 · Microsoft · Windows Active Directory Certificate Services +1

Name of the Vulnerable Software and Affected Versions: Windows Active Directory Certificate Services AD CS affected versions not specified Description: The issue is related to insufficient input validation in Windows Active Directory Certificate Services AD CS, which can be exploited by a remote...

8.3CVSS9.5AI score0.01223EPSS
Exploits0References7
Rapid7 Blog
Rapid7 Blog
added 2023/04/14 6:13 p.m.31 views

Metasploit Weekly Wrap-Up

Rocket Software UniRPC Exploits Ron Bowes submitted two exploit modules for vulnerabilities he discovered in the UniRPC server for Rocket Software’s UniData product. The first exploit module, exploit/linux/misc/unidataudadminauthbypass exploits an authentication bypass to ultimately gain remote...

10.7AI score0.62136EPSS
Exploits4
The Hacker News
The Hacker News
added 2022/10/12 7:7 a.m.539 views

Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs

Microsoft's Patch Tuesday update for the month of October has addressed a total of 85 security vulnerabilities, including fixes for an actively exploited zero-day flaw in the wild. Of the 85 bugs, 15 are rated Critical, 69 are rated Important, and one is rated Moderate in severity. The update,...

10CVSS0.9AI score0.9997EPSS
Exploits16
OpenVAS
OpenVAS
added 2022/10/12 12:0 a.m.35 views

Microsoft Windows Multiple Vulnerabilities (KB5018419)

This host is missing an important security update according to Microsoft KB5018419 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

8.8CVSS7.5AI score0.56269EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/10/12 12:0 a.m.31 views

Microsoft Windows Multiple Vulnerabilities (KB5018411)

This host is missing an important security update according to Microsoft KB5018411 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

8.8CVSS7.5AI score0.56269EPSS
Exploits0References3
Rows per page
Query Builder