Lucene search
K

125 matches found

Microsoft CVE
Microsoft CVE
added 2025/10/14 2:0 p.m.5 views

Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability

Insertion of sensitive information into log file in Active Directory Federation Services allows an unauthorized attacker to disclose information locally...

6.2CVSS6.5AI score0.00538EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-1710

Malware in sbrugna...

6.8CVSS7.2AI score0.01821EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-8594

Malware in sbrugna...

8.6CVSS8.8AI score0.08026EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-9838

Malware in sbrugna...

5.4CVSS5.4AI score0.01548EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-0410

Malware in sbrugna...

5.3CVSS6.3AI score0.02059EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-11948

Malware in sbrugna...

6.1CVSS6.5AI score0.01784EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-7860

Malware in sbrugna...

7.8CVSS7.5AI score0.00405EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 4:6 p.m.6 views

CVE-2020-1055

A cross-site-scripting XSS vulnerability exists when Active Directory Federation Services ADFS does not properly sanitize user inputs, aka 'Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability'...

6.1CVSS5.8AI score0.01784EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:14 a.m.5 views

CVE-2019-1273

A cross-site-scripting XSS vulnerability exists when Active Directory Federation Services ADFS does not properly sanitize certain error messages, aka 'Active Directory Federation Services XSS Vulnerability'...

5.4CVSS5.5AI score0.01548EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/02/29 3:21 p.m.47 views

New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems

Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML "enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/03 12:0 a.m.17 views

ADFS Relying Party Trusts Disclosure

Microsoft Active Directory Federation Services ADFS is a very popular Single Sign On SSO feature offering identity federation to organizations. An ADFS server can be configured to show a login page to connect to corporate applications directly from this Identity Provider IdP. When enabled, this w...

7.1AI score
Exploits0References2
Microsoft KB
Microsoft KB
added 2023/05/09 7:0 a.m.185 views

May 9, 2023—KB5026370 (OS Build 20348.1726)

May 9, 2023—KB5026370 OS Build 20348.1726 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when new...

9.8CVSS8AI score0.94683EPSS
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/02/08 5:0 p.m.15 views

Solving one of NOBELIUM’s most novel attacks: Cyberattack Series

Our story begins with eight Microsoft Detection and Response Team DART analysts gathered around a customer’s conference room to solve a cybersecurity mystery. Joined by members of the customer’s cybersecurity team, they were there to figure out how a Russia-based nation-state hacking group known ...

0.5AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/07/12 11:15 p.m.1 views

CVE-2022-30215

Active Directory Federation Services Elevation of Privilege Vulnerability...

8.5CVSS7.1AI score0.01388EPSS
Exploits0References3Affected Software6
Prion
Prion
added 2022/07/12 11:15 p.m.25 views

Privilege escalation

Active Directory Federation Services Elevation of Privilege Vulnerability...

8.5CVSS7.6AI score0.01388EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/01/12 12:0 a.m.4 views

The vulnerability of the Active Directory Federation Services (AD FS) for Windows operating systems allows a perpetrator to circumvent security restrictions and enhance their privileges.

The vulnerability of the Active Directory Federation Services AD FS for Windows operating systems is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions and increase their privileges...

8.5CVSS7.7AI score0.02229EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2021/09/28 2:39 p.m.49 views

SolarWinds Attackers Hit Active Directory Servers with FoggyWeb Backdoor

The threat actors behind the notorious SolarWinds supply-chain attacks have dispatched new malware to steal data and maintain persistence on victims’ networks, researchers have found. Researchers from the Microsoft Threat Intelligence Center MSTIC have observed the APT it calls Nobelium using a...

9.8CVSS9AI score0.99999EPSS
Exploits11References12
Microsoft Secure
Microsoft Secure
added 2021/09/27 7:0 p.m.48 views

FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor

Microsoft continues to work with partners and customers to track and expand our knowledge of the threat actor we refer to as NOBELIUM, the actor behind the SUNBURST backdoor, TEARDROP malware, and related components. As we stated before, we suspect that NOBELIUM can draw from significant...

8.1AI score
Exploits0
CNNVD
CNNVD
added 2021/07/13 12:0 a.m.7 views

Microsoft Active Directory Federation Services 安全特征问题漏洞

Windows Server is the brand name of a series of server operating systems released by Microsoft, including all Windows operating systems released under the brand name "Windows Server." ADFS in Microsoft Windows Server is vulnerable to a security ADFS in Microsoft Windows Server is vulnerable to a...

8.1CVSS5.5AI score0.02229EPSS
Exploits0References4
FireEye
FireEye
added 2021/04/27 12:0 a.m.176 views

Abusing Replication: Stealing AD FS Secrets Over the Network

Organizations are increasingly adopting cloud-based services such as Microsoft 365 to host applications and data. Sophisticated threat actors are catching on and Mandiant has observed an increased focus on long-term persistent access to Microsoft 365 as one of their primary objectives. The focus ...

8.1AI score
Exploits0References8
Rows per page
Query Builder