CVE-2025-13164 Digiwin｜EasyFlow GP - Insufficiently Protected Credentials

EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext credentials of AD and system mail from the system frontend...

EUVD-2016-3243

Malware in sbrugna...

EUVD-2010-0245

Malware in sbrugna...

EUVD-2020-6009

Malware in sbrugna...

CVE-2024-42348

FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.2 can leak AD username and password when registering a computer. This vulnerability is fixed in 1.5.10.41.3 and 1.6.0-beta.1395...

Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK® framework. See the ATT &CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update to Cybersecurity and Infrastructure Security...

CVE-2020-13793

Unsafe storage of AD credentials in Ivanti DSM netinst 5.1 due to a static, hard-coded encryption key...

CISA Warns Patched Pulse Secure VPNs Could Still Expose Organizations to Hackers

The United States Cybersecurity and Infrastructure Security Agency CISA yesterday issued a fresh advisory alerting organizations to change all their Active Directory credentials as a defense against cyberattacks trying to leverage a known remote code execution RCE vulnerability in Pulse Secure VP...

TA505 Crime Gang Deploys SDBbot for Corporate Network Takeover

The TA505 cybercrime group has ramped up its attacks lately, with a set of campaigns bent on spreading the persistent SDBbot remote-access trojan RAT laterally throughout an entire corporate environment, researchers said. SDBbot RAT is a custom job that has been observed in TA505 attacks since at...

Connecting XenServer to XenCenter with AD User credentials fails with incorrect username/password

When trying to add a new host to XenCenter console, the process fails with the message "XenCenter has encountered a problem connecting to this server" and "Incorrect username and/or password". A second XenServer pool using the same AD authentication configuration same domain, same AD groups can...

CVE-2016-2142

Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on the /etc/origin/master/master-config.yaml configuration file, which allows local users to obtain Active Directory credentials by reading the file...

CVE-2016-2142

Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on the /etc/origin/master/master-config.yaml configuration file, which allows local users to obtain Active Directory credentials by reading the file...

PT-2016-5025 · Red Hat · Red Hat Openshift Enterprise

Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift Enterprise version 3.1 Description: The issue concerns a configuration file with world-readable permissions, allowing local users to access sensitive information, specifically Active Directory credentials, by reading the fil...

Privilege escalation

Microsoft System Center Virtual Machine Manager VMM 2012 R2 Update Rollup 4 does not properly validate the roles of users, which allows local users to obtain server and virtual-machine administrative privileges by establishing a server session with Active Directory credentials, aka "Virtual Machi...