Lucene search
K

6 matches found

The Hacker News
The Hacker News
added 2025/06/17 11:25 a.m.12 views

Are Forgotten AD Service Accounts Leaving You at Risk?

For many organizations, Active Directory AD service accounts are quiet afterthoughts, persisting in the background long after their original purpose has been forgotten. To make matters worse, these orphaned service accounts created for legacy applications, scheduled tasks, automation scripts, or...

7.9AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/02/20 5:35 p.m.17 views

CVE-2024-22245 Arbitrary Authentication Relay Vulnerability in Deprecated EAP Browser Plugin

Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in EAP could allow a malicious actor that could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary...

9.6CVSS7.2AI score0.01262EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/20 5:35 p.m.29 views

CVE-2024-22245 Arbitrary Authentication Relay Vulnerability in Deprecated EAP Browser Plugin

Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in EAP could allow a malicious actor that could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary...

9.6CVSS9.7AI score0.01262EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2022/09/01 10:3 a.m.23 views

Infra Used in Cisco Hack Also Targeted Workforce Management Solution

The attack infrastructure used to target Cisco in the May 2022 incident was also employed against an attempted compromise of an unnamed workforce management solutions holding company a month earlier in April 2022. Cybersecurity firm eSentire, which disclosed the findings, raised the possibility...

0.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/01/25 12:0 a.m.5 views

The vulnerability of the Windows operating system, which allows a hacker to inject arbitrary web or HTML code

The vulnerability of the Active Directory service for Windows operating systems exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary web or HTML code by manipulating the wct parameter...

4.3CVSS5.7AI score0.11058EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/09/08 12:0 a.m.35 views

MS15-096: Vulnerability in Active Directory Service Could Allow Denial of Service (3072595)

The remote Windows host is affected by a denial of service vulnerability in Active Directory that is triggered during the handling of a saturation of account creations. An authenticated, remote attacker, with privileges to join machines to a domain, can exploit this vulnerability by creating...

4CVSS7.3AI score0.11526EPSS
Exploits0References2
Rows per page
Query Builder